PC Support & Repair

PC Support & Repair

PC SUPPORT & REPAIR Chapter 12 Security Objectives After completing this chapter, you will meet these objectives: o o

o o Explain why security is important. Describe security threats. Identify security procedures. Identify common preventive maintenance techniques for security. o Troubleshoot security.

SECURITY THREATS 12.1 Malware Any software to create malicious acts o Adware, spyware, grayware, viruses, worms, Trojan horses, rootkits Usually installed without user

knowledge Open extra windows, changes computers config, redirect browser, collect info, etc. Type of Malware: VIRUS Virus o Transferred through email, flash drives, file transfers, IM o When file is access, virus executes

Type of Malware: TROJAN HORSE Trojan Horse o Looks ok but has malicious code o Often in free online games o Can open a hole in software for an attack No replication & not attached to a file You end up running the program

Can open a hole in software for an attack o Your PC becomes a zombie (Bot or Botnet) o Used for spamming, DDoS attack, etc. SOLUTION: o Install anti-malware program Type of Malware: WORMS Self-replicating program

Duplicates across network w/out you knowing o Doesnt need to attach to program Ties up network bandwidth & prevent users from doing normal stuff Gets in from unpactched software SOLUTION: o Keep software up to date o Install anti-malware software

Type of Malware: ADWARE Displays ads on computer o Usually in pop ups o Pops up faster than you can close Comes in software you download Type of Malware:

SPYWARE Software installed w/ out you knowing Intercepts & collects data; gets passwords Gathers info about you & sends it to someone else w/out your consent o Gather browsing data

o Steal personal or financial info Type of Malware: RANSOMWARE Similar to adware Denies access to computer Demands a paid ransom to get PC control back

Type of Malware: ROOTKITS Installed in the boot sector o BIOS boots system from rootkit o Thinks rootkit is the OS o Rootkit runs in RAM Gains administrator-level access to computer Very difficult to detect o Almost invisible to anti-malware software

o Has the rights to control and modify security programs SOLUTION: o Secure boot feature in newer Windows o May have to reinstall OS to get rid of it Solution to Malware To detect, disable, and remove malware before it infects a computer, always use antivirus software, antispyware, and adware

removal tools These software programs become outdated quickly o It is the responsibility of the technician to apply the most recent updates, patches, and virus definitions as part of a regular maintenance schedule o Many organizations establish a written security policy stating that employees are not permitted to install any software that is not provided by the

company. Activity Review- 5Q What type of threat installs software on your PC to monitor your activity? o Spyware What is the most difficult threat to protect against

because it installs in the boot sector? o Rootkit What places ads on the desktop without you doing anything? o Adware Name two types of malware. o Adware, spyware, virus, worm, Trojan, rootkit

What program is self-replicating? o Worm Review- 4Q Which attack comes by email and directs you to a web page to enter personal info? o Phishing Which software is installed on your computer w/out your knowing when you download a

program and it displays product windows on the screen? o Adware What ties up the networks bandwidth? o Worm How do you make sure your AV software can protect you from the latest viruses? o Download the latest virus updates

Threat: PHISHING Email, phone, or text to get personal or financial information o Can also be used to persuade users to unknowingly install malware on their computers Looks legit o Bank o Ask to verify password or account to prevent

something bad from happening o Through link to real-looking web page Spear phishing o When a phishing attack is targeted at a specific individual or organization Threat: SPAM Unsolicited junk mail Can be for ads or include harmful links or

malware o Goal is to get sensitive info Sent out by compromised PCs to others Reduced by ISP filter, antivirus software, email programs that filter it Watch for email with: o o o

o No subject line Misspelled words & strange punctuation Long, cryptic hyperlinks Request to open an attachment Threat: (DoS) DENIAL OF SERVICE ATTACK Overload a system so it cant do its

normal work o Crash or flood server Regular Example: o You go to bank to cash a check o Bank is filled with people who dont even have a bank account o They are just there to disrupt normal service

Threat: (DDOS) DISTRIBUTED DENIAL OF SERVICE ATTACK Uses infected zombie or botnet computers to launch attacks Zombies are all over the place; cant trace Threat: SYN FLOOD A SYN request initializes TCP communication

o Ties up the server bc it replies to nothing o Others are denied service Threat: SPOOFING Computer pretends to be a trusted computer to gain access to resources IP spoofing- hiding the source IP MAC spoofing- mainly used in wireless networks to avoid MAC filtering

Threat: MAN-IN-THE-MIDDLE ATTACK Intercepting communications between computers to steal information traveling through the network Could also be used to manipulate messages and relay false information between hosts Threat: REPLAY ATTACK

Hacker sniffs packets to get authentication info Then hacker uses info to connect to server Threat: DNS POISONING DNS records are changed to point to imposter server o User attempts to access a legitimate site, but traffic is diverted to an imposter site

o Imposter site used to capture confidential information, such as usernames and passwords Threat: ZERO DAY ATTACK A hole in software that is unknown to the vendor o Security hole is then exploited by hackers before the vendor becomes aware and

hurries to fix it THREAT: SOCIAL ENGINEERING An attempt to fraudulently get sensitive info from users o Usernames, passwords, credit card #, account #, ss #, etc. o They pretend to be a trustworthy person

Social Engineering Techniques Pretexting o Pretends to need personal info to confirm identity of recipient Phishing Spear Phishing o Targeted phishing attack

Tailgating o Following an authorized person into secure area Attack! Attack again! Whats your password?

Preventing Social Engineering Attacks The end user is the weak link Teach users: o Never give out your login credentials o Never post credential information in your work area o Lock your computer when you leave your desk o Implement an access or entry control roster listing who is permitted in

o Do not let anyone follow you through a door that requires an access card o Always ask for the ID of unknown persons o Restrict access to visitors; Escort all visitors o Forward those types of calls to help desk (theyll probably hang up) o Check web links for https, web address o Privacy filter to prevent shoulder surfers o Shred documents to prevent dumpster diving

Activity- NOT ALL ARE USED Review- 4Q What kind of attack uses zombie computers to attack another system? o DDoS How do DoS and DDoS attack a server? o They overload it so the server cannot do its normal

functions; possibly crashes Which attack tricks you into entering your personal info through email and a spoofed web site? o Phishing What attack gets the info before it gets to its destination? o Man-in-the-middle

Review- 3Q A visitor at your work looks over your shoulder & sees your password. They then go home & use it to access the network. What is this called? o Social engineering What is the best way to prevent social eng.? o Train staff

What kind of attack is when a hole in software is found and is taken advantage of before it gets patched? o Zero day attack SECURITY PROCEDURES 12.2

Create a Security Policy Local Windows Security Policy In Active Directory networks, Windows policies are set on server & are active when user logs in On stand-alone computers: o Control Panel > Administrative Tools > Local Security Policy

Username & Password Change defaults Use a standard naming convention for users o EX: jsmith Dont use other users login info BIOS password Local PC password

Network password Local Windows Password Create a Windows password Lock PC when not around it or set screen saver with login Activity TestOut Lab 12.5.4 Configure BIOS/UEFI

Security TestOut Lab 12.7.5 Enforce Password Settings Web Security Browser settings: ActiveX Filtering Pop-up Blocker SmartScreen Filter o Detects phishing & malicious items on

websites InPrivate Browsing o Like Chromes incognito mode Protect Data Software Firewall o Allows/denies traffic to & from network

Smart Card o Plastic card with chip o Stores information Biometrics o Fingerprint, eye, facial, etc. Key fob

Data Backups Full weekly or monthly o Then frequent partial Should be stored offsite Protect backup with password Check to make sure backup is good

File and Folder Permissions Right-click the file or folder and select Properties > Security > Edit Level Full Modify Read and Execute Read

Write Description Can do everything Change & delete but NOT create new Can see contents & run Can see & open Can create & make changes

File & Folder EncryptionEFS EFS (Encrypting File System) in Windows o Can encrypt files or folders o Can only be opened by the user who encrypted them or by an administrator o Right-click on file/folder, Properties, Advanced, Encrypt Data Encryption- BitLocker in

Windows Used to encrypt entire hard drive o 1st- initialize TPM in BIOS o 2nd- turn on BitLocker in Control Panel Needs a TPM (Trusted Platform Module) on the motherboard to store the encrypted keys OR a flash drive to store the keys

Hardware Destruction Data wiping o Used to remove sensitive data Formatting is not enough o Overwrites data multiple times Hard drive destruction

o Shatter platters with hammer o Shred CDs & floppies Hard drive recycling (no sensitive data) o Format & reuse or donate Activity

Activity TestOut Lab 12.3.6 Require a Screen Saver Password TestOut Lab 12.8.4 Encrypt Files TestOut Lab 12.10.4 Configure the Windows Firewall Review- 3Q A fingerprint reader is what kind of security?

o Biometrics Where should backups be stored? o Off-site The IRS is replacing their computers. What should you do to the old hard drives to protect any sensitive data before you recycle the PCs? o Destroy with a hammer or degausser

SECURITY TECHNIQUES 12.2 Protection Antivirus Software o An antivirus program runs automatically in background & monitors for problems o When virus is detected, user is warned & program attempts to

quarantine or delete virus Spyware protection o Antispyware programs scan for keyloggers, which capture your keystrokes, and other malware so that it can be removed Adware protection o Anti-adware looks for programs that display ads on computer Phishing protection

o Antiphishing programs block the IP addresses of known phishing websites and warn you about suspicious websites Removing a Virus Identify whats happening Disconnect from the network Let IT know Boot to Safe Mode & scan (or install AV) o May need Safe Mode with Networking o Use other tools

Delete system restore files after cleaned Customer in a hurry? o Remove HD & connect to external dock o Copy data they need to another PC Signature File Updates Get your updates for your AV software Auto update

Wireless Security Disable SSID (Service Set Identifier) o Change & disable the broadcast MAC address filter o Only listed MAC addresses allowed/prevented

Encrypt & authenticate data o WEP (weak) o WPA (better) o WPA2 (best) Turn WPS off (easy brute force attack) Review- 4Q To secure your wireless network you should

disable this & enable this o Disable the SSID broadcast o Enable WPA2 encryption T or F. Passwords should be text only. T or F. You should set a password lockout rule. What hardware/software security method on the motherboard supports storing encryption keys, digital certificates, and passwords? o TPM

Review- 3Q What was the 1st wireless encryption, which is also the weakest? o WEP What security method has a chip on a card? o Smart Card

What wireless security method will ensure ONLY your computers are accessing the network? o MAC address filtering HARDWARE FIREWALLS 12.2 Hardware Firewall

Configurations Integrated into SOHO routers Packet filtering o Every packet inspected o Must match rule for allow or deny o Based on protocols/ports in/out SPI (Stateful Packet Inspection) o Packets must be part of a known connection

Proxy Server o Inspects all packets against rules DMZ Demilitarized Zone o If you have a server that needs to be accessed from the outside world, place it in a zone that is not in your network Port Forwarding

Specific ports must be opened so that certain applications can communicate with devices on different networks o Port forwarding is a rule-based method of directing traffic to a certain device in the network o Used in gaming or security cameras Activity Packet Tracer Lab 12.2.5.8 Configure

Wireless Security Protecting Equipment Physical o o o o o o

Cable locks Locked rooms Security cages Alarms Web cams RFID tags Access o Multifactor authentication

o Disable AutoRun & AutoPlay PREVENTIVE MAINTENANCE FOR SECURITY 12.3 Common Preventive Maintenance Techniques Download OS service packs & patches

Make regular data backups Enable Windows Firewall & manually add ports Maintain accounts o Group users; disable employee accounts when they leave; login times, etc. COMMON PROBLEMS FOR SECURITY

12.4 Common Problems PC SUPPORT & REPAIR Chapter 12 Security

Recently Viewed Presentations

  • Concepts to be covered Research question Normative  Empirical

    Concepts to be covered Research question Normative Empirical

    Concepts to be covered. Research question. Normative. Empirical. Unit (of analysis) Variable (attributes / values) Explanatory. Descriptive. Deze microlecture bevat veels slides, ik vraag me af of het haalbaar is om dit in 1 microlecture te behandelen?
  • The Glory of Greece - CANADIAN COLLEGE ITALY

    The Glory of Greece - CANADIAN COLLEGE ITALY

    Meet the Spartans Sparta primary city of Peloponnesus agriculturally center of Greece built around natural defences Three distinct classes Dorians Spartiates Conquered People Perioeci and Helots Spartiates (full citizens) 25,000 Dorians Conquered Peoples Perioeci ("dwellers around") 100,000 Helots (serfs) 250,...
  • Our PB Legacy - Paul Brunton Philosophic Foundation

    Our PB Legacy - Paul Brunton Philosophic Foundation

    Our PB Legacy. Our PB legacy is a combination of what we have done with the material in our care, and what we will do going forward so that it remains a spiritual resource for generations to come.
  • Jesse B. Blayton Sr

    Jesse B. Blayton Sr

    All about Jesse. Jesse B. Blayton Sr. was born in Fallis, Oklahoma on December 6, 1897, and attended the Walton School in Chicago. He went on to study at the University of Chicago before moving to Atlanta, Georgia to practice...
  • Company Presentation - Agrária

    Company Presentation - Agrária

    500g Embalagem a vácuo 11g Sache a vácuo Pauta Produção de fermento cervejeiro seco Reidratação do fermento cervejeiro seco Fermentação com fermento cervejeiro seco Resumo Produção do Fermento Cervejeiro Seco Banco de cepas dos fermentos Armazenamento curto Cultura de agar...
  • Automata with auxiliary storage, graph automata, and Tree-Width

    Automata with auxiliary storage, graph automata, and Tree-Width

    Gennaro Parlato (U. of Illinois, U.S.A.) Joint work with: Salvatore La Torre (U. of Salerno, Italy) P. Madhusudan (U. of Illinois, U.S.A.) * * * * * What is this talk about? Our work is motivated by the verification of...
  • Computer science in the computing curriculum KS2

    Computer science in the computing curriculum KS2

    Go into 3PGC07 on Moodle - Computing section. Look at KS1 in the curriculum. Which words/phrases are you unsure of? Computing National Curriculum (taken from Computing in the National Curriculum: a guide for primary teachers - see Moodle) ... Computer...
  • COMSEC/CRYPTO Briefing - CDSE

    COMSEC/CRYPTO Briefing - CDSE

    OVERVIEW What is COMSEC/CRYPTO? Devices/CRYPTO Access Safeguarding Reproduction Destruction Reporting Requirements * WHAT IS COMSEC? COMSEC (Communications Security) - Broad term used to describe the measures and controls taken to deny unauthorized persons information derived from ...