Download
pc support repair n.
Skip this Video
Loading SlideShow in 5 Seconds..
PC Support & Repair PowerPoint Presentation
Download Presentation
PC Support & Repair

PC Support & Repair

130 Views Download Presentation
Download Presentation

PC Support & Repair

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. PC Support & Repair Chapter 9 Fundamental Security

  2. Objectives • After completing this chapter, you will meet these objectives: • Explain why security is important. • Describe security threats. • Identify security procedures. • Identify common preventive maintenance techniques for security. • Troubleshoot security.

  3. Why is Security Important?

  4. Describe Security Threats • Define viruses, worms, and Trojans. • Explain web security. • Define adware, spyware, and grayware. • Explain Denial of Service (DoS). • Describe spam and popup windows. • Explain social engineering. • Explain TCP/IP attacks. • Explain hardware deconstruction and recycling.

  5. Virus • Malicious intent • Attached to software, documents, or code • Some can lay dormant • Executes when program runs/opens • Can corrupt or delete files • Some capture keystrokes • Spreads by email, file transfer, IM

  6. Worm • Self-replicating program • Duplicates across network w/out you knowing • Doesn’t need to attach to program • Ties up bandwidth of network • Can’t perform normal network functions

  7. Trojan Horse • Hidden in software • “Appears” to be something good • Can reproduce & spread • Loss of data • Infect other computers

  8. Anti-Virus Software • Can detect, disable, and remove viruses, worms, and Trojans • YOU must be sure to apply updates (virus signature files), patches, etc. • Have a security policy at company • Maintenance schedule • Make employees aware of opening email attachments • Name some AV software

  9. Adware • Displays ads on computer • Usually in pop ups • Pops up faster than you can close • Comes in software you download

  10. Malware • Grayware • Not a virus but harmful or annoying • Phishing attacks • May change desktop background, home page • Can be removed using spyware and adware removal tools

  11. Spyware • Type of grayware • Similar to adware • Distributes w/out you knowing • Monitors computer activity • Sends info to creator

  12. Phishing • Social engineering • Pretends to be legit • Bank • Email contact • Ask to verify password or account to prevent something bad from happening • Through link to real-looking web page

  13. Activity

  14. Review • What places ads on the desktop without you doing anything? • Adware • Name two types of malware. • Grayware & spyware • What program is self-replicating? • Worm • How do you make sure your AV software can protect you from the latest viruses? • Download the latest virus updates

  15. Review • Which attack comes by email and directs you to a web page to enter personal info? • Phishing • Which software is installed on your computer w/out your knowing when you download a program and it displays product “windows” on the screen? • Adware • What ties up the networks bandwidth? • Worm

  16. Denial of Service (DoS) • Prevents users from accessing services on network • System is busy responding to the large amounts of requests; Resources get overloaded & shut down • PING OF DEATH • Many, large pings • EMAIL BOMB • Large amounts of bulk email overloads server • DDoS • Uses infected “zombie” computers to launch attacks • Zombies are all over the place; can’t trace attack

  17. DoS

  18. Spam • Unsolicited junk mail • Can include links to infected site • Or pop-ups • Email/AV software can detect it • No subject line • Incomplete return address • Computer generated e-mail • Return e-mail not sent by the user

  19. Social Engineering • Person who can gain access to equipment or network by tricking people • Get their username/password • Pretend technician, Look over shoulders, Look through desks,

  20. Other Attacks through TCP/IP • Spoofing • Gains access to resources on devices by pretending to be a trusted computer • Man-in-the-middle • Intercepts or inserts false information in traffic between two hosts

  21. Hardware Destruction • Data wiping • Used to remove sensitive data • Formatting is not enough • Overwrites data multiple times • Hard drive destruction • Shatter platters with hammer • Shred CD’s & floppies • Hard drive recycling (no sensitive data) • Format & reuse or donate

  22. Review • A visitor at your work looks over your shoulder & sees your password. They then go home & use it to access the network. What is this called? • Social engineering • Which attack uses zombies all over to overwhelm/flood servers? • DDoS • The IRS is replacing their computers. What should you do to the old hard drives to protect any sensitive data before you recycle the PC’s? • Destroy with a hammer

  23. Review • Which attack tricks you into entering your personal info through email and a spoofed web site? • Phishing • What is the proper way to remove personal data from a hard drive that does not contain sensitive info? • Data wiping • What attack gets the info before it gets to its destination? • Man-in-the-middle

  24. Identify Security Procedures • Explain what is required in a basic local security policy. • Explain the tasks required to protect physical equipment. • Describe ways to protect data. • Describe wireless security techniques.

  25. Protecting Equipment • Physical • Cable locks • Locked rooms • Security cages • Alarms • Web cams • Access • Card keys • Biometrics • Security guards

  26. Protecting Equipment • Trusted Platform Module (TPM) • Chip installed on motherboard • Can authenticate hardware & software • Store info about host • Digital certificates • Passwords • Encryption keys • Makes it harder for hackers to gain access • Because it’s hardware based

  27. Protect Data • BIOS password • Prevents BIOS changes & OS access • Login password

  28. Passwords • Should expire after a specific period of time • Should contain a mix of letters and numbers • Lockout rules apply after unsuccessful attempts • Rules should state: • Username naming convention (jsmith) • When passwords expire & when they will lockout • Standards should prevent users from writing down passwords and exposing them to public view

  29. Protect Data • Data encryption • Used in a VPN • Firewall • Allows/denies traffic to & from network • Smart Card • Card with chip • Biometrics • Fingerprint, eye, facial, etc.

  30. Data Backups • Full weekly or monthly • Then frequent partial • Should be stored off-site • Protect backup with password

  31. Wireless Security • SSID • Name of wireless network • Can disable the broadcast • MAC address filter • Only your MAC addresses allowed • Encrypt & authenticate data • WEP (weak) • WPA (better)WPA2 (best) • LEAP (Cisco’s for Win & Linux)

  32. Review • A fingerprint reader is what kind of security? • Biometrics • Which wireless security should you use when you have all Cisco equipment? • LEAP • Where should backups be stored? • Off-site • How should a telecommuter send secure data to the company while traveling? • Through a VPN

  33. Review • To secure your wireless network you should disable this & enable this… • Disable the SSID broadcast • Enable WPA encryption • T or F. Passwords should be text only. • T or F. You should set a password lockout rule. • What hardware/software security method on the motherboard supports storing encryption keys, digital certificates, and passwords? • TPM

  34. Review • What was the 1st wireless encryption, which is also the weakest? • WEP • This Cisco encryption is just as strong as WPA2. • LEAP • What security method has a chip on a card? • Smart Card • What wireless security method will ensure ONLY your computers are accessing the network? • MAC address filtering

  35. Lab • Packet Tracer Lab 9.3.4 • Build & secure a wireless network

  36. Preventive Maintenance for Security • Explain how to update signature files for anti-virus and anti-spyware software. • Explain how to install operating system service packs and security patches.

  37. Installing Patches & Service Packs • Usually to fix security holes • Windows XP had a lot of them! • Create a restore point • Check for updates • Download • Install • Make sure it works

  38. Troubleshooting

  39. Review- 11 Questions

  40. PC Support & Repair Chapter 9 Fundamental Security