pc support & repair chapter 9 fundamental security
Post on 21-Dec-2015
216 views
TRANSCRIPT
![Page 1: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/1.jpg)
PC Support & RepairChapter 9Fundamental Security
![Page 2: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/2.jpg)
Objectives•After completing this chapter, you will meet these
objectives:▫Explain why security is important. ▫Describe security threats. ▫Identify security procedures. ▫Identify common preventive maintenance techniques
for security. ▫Troubleshoot security.
![Page 3: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/3.jpg)
Why is Security Important?
![Page 4: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/4.jpg)
Describe Security Threats•Define viruses, worms, and Trojans. •Explain web security. •Define adware, spyware, and grayware. •Explain Denial of Service (DoS). •Describe spam and popup windows. •Explain social engineering. •Explain TCP/IP attacks. •Explain hardware deconstruction and recycling.
![Page 5: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/5.jpg)
Virus•Malicious intent•Attached to software,
documents, or code▫Some can lay dormant
•Executes when program runs/opens▫Can corrupt or delete files▫Some capture keystrokes
•Spreads by email, file transfer, IM
![Page 6: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/6.jpg)
Worm•Self-replicating program•Duplicates across network w/out you knowing▫Doesn’t need to attach to program
•Ties up bandwidth of network▫Can’t perform normal network functions
![Page 7: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/7.jpg)
Trojan Horse•Hidden in software▫“Appears” to be
something good•Can reproduce & spread▫Loss of data▫Infect other computers
![Page 8: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/8.jpg)
Anti-Virus Software• Can detect, disable, and remove viruses, worms, and
Trojans • YOU must be sure to apply updates (virus signature
files), patches, etc.
• Have a security policy at company•Maintenance schedule•Make employees aware of opening email attachments
• Name some AV software
![Page 9: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/9.jpg)
Adware•Displays ads on computer▫Usually in pop ups▫Pops up faster than you can close
•Comes in software you download
![Page 10: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/10.jpg)
Malware•Grayware▫Not a virus but harmful or annoying
Phishing attacks May change desktop background, home page
▫Can be removed using spyware and adware removal tools
![Page 11: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/11.jpg)
Spyware•Type of grayware▫Similar to adware
•Distributes w/out you knowing
•Monitors computer activity▫Sends info to creator
![Page 12: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/12.jpg)
Phishing•Social engineering•Pretends to be legit▫Bank
•Email contact▫Ask to verify password or account to prevent
something bad from happening▫Through link to real-looking web page
![Page 13: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/13.jpg)
Activity
![Page 14: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/14.jpg)
Review•What places ads on the desktop without you doing
anything?▫Adware
•Name two types of malware.▫Grayware & spyware
•What program is self-replicating?▫Worm
•How do you make sure your AV software can protect you from the latest viruses?▫Download the latest virus updates
![Page 15: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/15.jpg)
Review•Which attack comes by email and directs you to a
web page to enter personal info?▫Phishing
•Which software is installed on your computer w/out your knowing when you download a program and it displays product “windows” on the screen?▫Adware
•What ties up the networks bandwidth?▫Worm
![Page 16: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/16.jpg)
Denial of Service (DoS)•Prevents users from accessing services on network▫System is busy responding to the large amounts of
requests; Resources get overloaded & shut down•PING OF DEATH▫Many, large pings
•EMAIL BOMB▫Large amounts of bulk email overloads server
•DDoS▫Uses infected “zombie” computers to launch attacks▫Zombies are all over the place; can’t trace attack
![Page 17: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/17.jpg)
DoS
![Page 18: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/18.jpg)
Spam•Unsolicited junk mail•Can include links to infected site▫Or pop-ups
•Email/AV software can detect it▫No subject line ▫Incomplete return address ▫Computer generated e-mail ▫Return e-mail not sent by the user
![Page 19: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/19.jpg)
Social Engineering•Person who can gain access to equipment or network
by tricking people▫Get their username/password
•Pretend technician, Look over shoulders, Look through desks,
![Page 20: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/20.jpg)
Other Attacks through TCP/IP•Spoofing▫Gains access to resources on devices by pretending to
be a trusted computer
•Man-in-the-middle▫Intercepts or inserts false information in traffic
between two hosts
![Page 21: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/21.jpg)
Hardware Destruction• Data wiping ▫Used to remove sensitive data
Formatting is not enough▫Overwrites data multiple times
• Hard drive destruction ▫Shatter platters with hammer▫Shred CD’s & floppies
• Hard drive recycling (no sensitive data)▫Format & reuse or donate
![Page 22: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/22.jpg)
Review• A visitor at your work looks over your shoulder & sees
your password. They then go home & use it to access the network. What is this called?▫Social engineering
•Which attack uses zombies all over to overwhelm/flood servers?▫DDoS
• The IRS is replacing their computers. What should you do to the old hard drives to protect any sensitive data before you recycle the PC’s?▫Destroy with a hammer
![Page 23: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/23.jpg)
Review•Which attack tricks you into entering your personal
info through email and a spoofed web site?▫Phishing
•What is the proper way to remove personal data from a hard drive that does not contain sensitive info?▫Data wiping
•What attack gets the info before it gets to its destination?▫Man-in-the-middle
![Page 24: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/24.jpg)
Identify Security Procedures•Explain what is required in a basic local security
policy. •Explain the tasks required to protect physical
equipment. •Describe ways to protect data. •Describe wireless security techniques.
![Page 25: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/25.jpg)
Protecting Equipment•Physical▫Cable locks▫Locked rooms▫Security cages▫Alarms▫Web cams
•Access▫Card keys▫Biometrics ▫Security guards
![Page 26: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/26.jpg)
Protecting Equipment•Trusted Platform Module (TPM)▫Chip installed on motherboard▫Can authenticate hardware & software▫Store info about host
Digital certificates Passwords Encryption keys
▫Makes it harder for hackers to gain access Because it’s hardware based
![Page 27: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/27.jpg)
Protect Data•BIOS password▫Prevents BIOS changes & OS access
• Login password
![Page 28: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/28.jpg)
Passwords•Should expire after a specific period of time•Should contain a mix of letters and numbers• Lockout rules apply after unsuccessful attempts
•Rules should state:▫Username naming convention (jsmith)▫When passwords expire & when they will lockout
•Standards should prevent users from writing down passwords and exposing them to public view
![Page 29: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/29.jpg)
Protect Data•Data encryption▫Used in a VPN
•Firewall▫Allows/denies traffic to & from
network•Smart Card▫Card with chip
•Biometrics▫Fingerprint, eye, facial, etc.
![Page 30: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/30.jpg)
Data Backups•Full weekly or monthly▫Then frequent partial
•Should be stored off-site
•Protect backup with password
![Page 31: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/31.jpg)
Wireless Security•SSID▫Name of wireless network▫Can disable the broadcast
•MAC address filter▫Only your MAC addresses allowed
•Encrypt & authenticate data▫WEP (weak)▫WPA (better)
WPA2 (best)▫LEAP (Cisco’s for Win & Linux)
![Page 32: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/32.jpg)
Review•A fingerprint reader is what kind of security?▫Biometrics
•Which wireless security should you use when you have all Cisco equipment?▫LEAP
•Where should backups be stored?▫Off-site
•How should a telecommuter send secure data to the company while traveling?▫Through a VPN
![Page 33: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/33.jpg)
Review•To secure your wireless network you should disable
this & enable this…▫Disable the SSID broadcast▫Enable WPA encryption
•T or F. Passwords should be text only.•T or F. You should set a password lockout rule.•What hardware/software security method on the
motherboard supports storing encryption keys, digital certificates, and passwords?▫TPM
![Page 34: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/34.jpg)
Review•What was the 1st wireless encryption, which is also
the weakest?▫WEP
•This Cisco encryption is just as strong as WPA2.▫LEAP
•What security method has a chip on a card?▫Smart Card
•What wireless security method will ensure ONLY your computers are accessing the network?▫MAC address filtering
![Page 35: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/35.jpg)
Lab•Packet Tracer Lab 9.3.4▫Build & secure a wireless network
![Page 36: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/36.jpg)
Preventive Maintenance for Security
•Explain how to update signature files for anti-virus and anti-spyware software.
•Explain how to install operating system service packs and security patches.
![Page 37: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/37.jpg)
Installing Patches & Service Packs•Usually to fix security holes▫Windows XP had a lot of them!
1. Create a restore point2. Check for updates3. Download4. Install5. Make sure it works
![Page 38: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/38.jpg)
Troubleshooting
![Page 39: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/39.jpg)
Review- 11 Questions
![Page 40: PC Support & Repair Chapter 9 Fundamental Security](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d585503460f94a37ede/html5/thumbnails/40.jpg)
PC Support & RepairChapter 9Fundamental Security