PC Support & Repair Chapter 9 Fundamental Security
Objectives • After completing this chapter, you will meet these objectives: • Explain why security is important. • Describe security threats. • Identify security procedures. • Identify common preventive maintenance techniques for security. • Troubleshoot security.
Describe Security Threats • Define viruses, worms, and Trojans. • Explain web security. • Define adware, spyware, and grayware. • Explain Denial of Service (DoS). • Describe spam and popup windows. • Explain social engineering. • Explain TCP/IP attacks. • Explain hardware deconstruction and recycling.
Virus • Malicious intent • Attached to software, documents, or code • Some can lie dormant • Executes when program runs/opens • Can corrupt or delete files • Some capture keystrokes • Spreads by email, file transfer, IM
Worm • Self-replicating program • Duplicates across network w/out you knowing • Doesn’t need to attach to program • Ties up bandwidth of network • Can’t perform normal network functions
Trojan Horse • Hidden in software • “Appears” to be something good • Can reproduce & spread • Loss of data • Infect other computers
Anti-Virus Software • Can detect, disable, and remove viruses, worms, and Trojans • YOU must be sure to apply updates (virus signature files), patches, etc. • Have a security policy at company • Maintenance schedule • Make employees aware of opening email attachments • Name some AV software
Adware • Displays ads on computer • Usually in pop ups • Pops up faster than you can close • Comes in software you download
Malware • Grayware • Not a virus but harmful or annoying • Phishing attacks • May change desktop background, home page • Can be removed using spyware and adware removal tools
Spyware • Type of grayware • Similar to adware • Distributes w/out you knowing • Monitors computer activity • Sends info to creator
Phishing • Social engineering • Pretends to be legit • Bank • Email contact • Ask to verify password or account to prevent something bad from happening • Through link to real-looking web page
Review • What places ads on the desktop without you doing anything? • Adware • Name two types of malware. • Grayware & spyware • What program is self-replicating? • Worm • How do you make sure your AV software can protect you from the latest viruses? • Download the latest virus updates
Review • Which attack comes by email and directs you to a web page to enter personal info? • Phishing • Which software is installed on your computer w/out your knowing when you download a program and it displays product “windows” on the screen? • Adware • What ties up the network’s bandwidth? • Worm
Denial of Service (DoS) • Prevents users from accessing services on network • System is busy responding to the large number of requests; resources get overloaded & shut down • PING OF DEATH • Many, large pings • EMAIL BOMB • Large amounts of bulk email overload the server • DDoS • Uses infected “zombie” computers to launch attacks • Zombies are all over the place; can’t trace attack
Spam • Unsolicited junk mail • Can include links to infected site • Or pop-ups • Email/AV software can detect it • No subject line • Incomplete return address • Computer generated e-mail • Return e-mail not sent by the user
Social Engineering • Person who can gain access to equipment or network by tricking people • Get their username/password • Pretend to be a technician, look over shoulders, look through desks
Other Attacks through TCP/IP • Spoofing • Gains access to resources on devices by pretending to be a trusted computer • Man-in-the-middle • Intercepts or inserts false information in traffic between two hosts
Hardware Destruction • Data wiping • Used to remove sensitive data • Formatting is not enough • Overwrites data multiple times • Hard drive destruction • Shatter platters with hammer • Shred CDs & floppies • Hard drive recycling (no sensitive data) • Format & reuse or donate
Review • A visitor at your work looks over your shoulder & sees your password. They then go home & use it to access the network. What is this called? • Social engineering • Which attack uses zombies all over to overwhelm/flood servers? • DDoS • The IRS is replacing their computers. What should you do to the old hard drives to protect any sensitive data before you recycle the PCs? • Destroy with a hammer
Review • Which attack tricks you into entering your personal info through email and a spoofed web site? • Phishing • What is the proper way to remove personal data from a hard drive that does not contain sensitive info? • Data wiping • What attack gets the info before it gets to its destination? • Man-in-the-middle
Identify Security Procedures • Explain what is required in a basic local security policy. • Explain the tasks required to protect physical equipment. • Describe ways to protect data. • Describe wireless security techniques.
Protecting Equipment • Physical • Cable locks • Locked rooms • Security cages • Alarms • Web cams • Access • Card keys • Biometrics • Security guards
Protecting Equipment • Trusted Platform Module (TPM) • Chip installed on motherboard • Can authenticate hardware & software • Store info about host • Digital certificates • Passwords • Encryption keys • Makes it harder for hackers to gain access • Because it’s hardware based
Protect Data • BIOS password • Prevents BIOS changes & OS access • Login password
Passwords • Should expire after a specific period of time • Should contain a mix of letters and numbers • Lockout rules apply after unsuccessful attempts • Rules should state: • Username naming convention (jsmith) • When passwords expire & when they will lockout • Standards should prevent users from writing down passwords and exposing them to public view
Protect Data • Data encryption • Used in a VPN • Firewall • Allows/denies traffic to & from network • Smart Card • Card with chip • Biometrics • Fingerprint, eye, facial, etc.
Data Backups • Full weekly or monthly • Then frequent partial • Should be stored off-site • Protect backup with password
Wireless Security • SSID • Name of wireless network • Can disable the broadcast • MAC address filter • Only your MAC addresses allowed • Encrypt & authenticate data • WEP (weak) • WPA (better) • WPA2 (best) • LEAP (Cisco’s for Win & Linux)
Review • A fingerprint reader is what kind of security? • Biometrics • Which wireless security should you use when you have all Cisco equipment? • LEAP • Where should backups be stored? • Off-site • How should a telecommuter send secure data to the company while traveling? • Through a VPN
Review • To secure your wireless network you should disable this & enable this… • Disable the SSID broadcast • Enable WPA encryption • T or F. Passwords should be text only. • T or F. You should set a password lockout rule. • What hardware/software security method on the motherboard supports storing encryption keys, digital certificates, and passwords? • TPM
Review • What was the 1st wireless encryption, which is also the weakest? • WEP • This Cisco encryption is just as strong as WPA2. • LEAP • What security method has a chip on a card? • Smart Card • What wireless security method will ensure ONLY your computers are accessing the network? • MAC address filtering
Lab • Packet Tracer Lab 9.3.4 • Build & secure a wireless network
Preventive Maintenance for Security • Explain how to update signature files for anti-virus and anti-spyware software. • Explain how to install operating system service packs and security patches.
Installing Patches & Service Packs • Usually to fix security holes • Windows XP had a lot of them! • Create a restore point • Check for updates • Download • Install • Make sure it works