© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Computer Security
Chapter 23
Overview
• In this chapter, you will learn to
– Explain the threats to your computers and data
– Describe how to control the local computing environment
– Explain how to protect computers from network threats
Analyzing the Threat
Historical/Conceptual
Threats
• Unauthorized access
– Any user accesses resources in an unauthorized way
– Not locked down
• Data destruction
– Intentional or accidental data loss
– Unauthorized data modification
• Administrative access
– XP Home almost requires granting multiple users administrator access
– Use Windows 2000 or XP Pro to control access
Threats
• System crash/hardware failures
– Hard drives crash, power fails
– Redundant systems provide protection
• Viruses/spyware
– Travel quickly in a network
– Come from the Internet, floppy disks, optical discs, and USB drives
  • Goal is to prevent infection
CompTIA A+ Essentials
Local Control
Local Control
• Identify what to back up
• Eliminate sensitive data from discarded media
• “First, Do No Harm”
– Part of physician’s oath
• “First, Secure the Data”
– Tech version of the oath
What to Back Up
• Essential data
– Use the Backup tool
– Documents and Settings folder for all users
– E-mail and address books
– Other data
What to Back Up
• Servers
– Some servers have critical data (Active Directory)
– Back up System State to include
  • Most of Registry, security settings, and more
Off-Site Storage
• Backups should be stored someplace other than your place of business
– Could be tape, CD, portable drive
• Off-site storage
– Copy of backup stored in another geographical location
– Protects against major disaster such as fire, flood, etc.
Migration
• When a computer is replaced
– Move user’s data and settings to new computer
– Use a tool such as Files and Settings Transfer (FAST) Wizard
– Don’t connect new computer to network until security has been implemented
Migration
• Eliminate data remnants
– Just formatting or repartitioning isn’t enough
– Use a tool such as Windows Washer
– Can eliminate specific data or the entire drive
Recycle
• Don’t just throw computers in trash
– Keeps toxic chemicals out of landfills
– Recycling centers will take them
– Donate
  • Schools and other organizations will gladly take used computers
CompTIA A+ Technician
IT Technician
Social Engineering
Social Engineering
• Using or manipulating people in the network to gain access to the network
• Infiltration
– Physically sneaking into building
– Talking to people gathering pieces of information
• Telephone scams
– Simply asking for information
– Impersonating someone else
Social Engineering
• Dumpster diving
– Searching through trash looking for information
– Individual pieces of data can be put together as a puzzle
• Physical theft
– Servers need to be kept behind locked doors
– The best network security is beaten easily if physical security is ignored
Access Control
• Physical security
– Lock the door
– Don’t leave PC unattended when logged on
• Authentication
– Software authentication using proper passwords
– Hardware authentication using smart cards and biometrics
Access Control
• Use NTFS, not FAT32
– FAT32 provides very limited security
– Use NTFS whenever possible
• To convert FAT32 drive to NTFS
– Convert D:\ /FS:NTFS
• Users and groups
– Can add users to groups
– Users now have permissions of group
Network Security
• User account control through groups
– Can grant permission to group
– Groups represented by icon
Network Security
• Adding users to a group
– Done in Computer Management
Network Security
• Effective permissions (combined)
– Rita is in Sales group and Managers group
– Sales granted List Folder Contents permission
– Managers granted Read & Execute permission
– Rita has Read & Execute AND List Folder Contents permissions (combination of both)
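The combination rule above, worked through as an added example that is not part of the original slides. It is a simplified model rather than Windows API code: Sam, Pat, the Temps group and its deny entry are hypothetical, and inheritance is reduced to a folder/file flag. It goes a little beyond the slide by showing that a deny entry overrides an allow and that List Folder Contents does not reach files.

```python
# Added example: simplified model of NTFS effective permissions (not Windows API code).
# Bit values are the standard Windows file access rights.
RIGHTS = {
    0x000001: "List Folder / Read Data",
    0x000008: "Read Extended Attributes",
    0x000020: "Traverse Folder / Execute File",
    0x000080: "Read Attributes",
    0x020000: "Read Permissions",
    0x100000: "Synchronize",
}
READ_EXECUTE = 0x1200A9  # FILE_GENERIC_READ | FILE_GENERIC_EXECUTE

# Standard permission -> (access mask, also inherited by files?)
STANDARD = {
    "Read & Execute": (READ_EXECUTE, True),
    "List Folder Contents": (READ_EXECUTE, False),  # same bits, folders only
}

# Rita and her two groups come from the slide; Sam, Pat and Temps are hypothetical.
GROUPS = {
    "Sales": {"Rita", "Sam"},
    "Managers": {"Rita", "Pat"},
    "Temps": {"Pat"},
}

# ACL on one shared folder. The two allow entries are the slide's; the deny
# entry is a hypothetical addition to show that deny overrides allow.
FOLDER_ACL = [
    ("allow", "Sales", "List Folder Contents"),
    ("allow", "Managers", "Read & Execute"),
    ("deny", "Temps", "Read & Execute"),
]


def effective_mask(user, on_file=False, acl=FOLDER_ACL, groups=GROUPS):
    """OR together every allow mask that applies, then strip every denied bit."""
    allow = deny = 0
    for kind, group, permission in acl:
        mask, inherited_by_files = STANDARD[permission]
        if user not in groups[group]:
            continue
        if on_file and not inherited_by_files:
            continue  # entry never reaches files inside the folder
        if kind == "allow":
            allow |= mask
        else:
            deny |= mask
    return allow & ~deny


def right_names(mask):
    """Decode an access mask into the individual rights it contains."""
    return [name for bit, name in sorted(RIGHTS.items()) if mask & bit]


if __name__ == "__main__":
    for user in ("Rita", "Sam", "Pat"):
        for on_file in (False, True):
            target = "file in folder" if on_file else "folder"
            print(f"{user:5} {target:15} {right_names(effective_mask(user, on_file))}")
```

Sam, who is only in Sales, can browse the folder but gets no rights on the files in it, while Pat loses everything Managers grants because of the deny entry.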
Network Security
• Default groups
– Everyone, Guests, Users
– Can become backdoors to the network
– Windows 2000 gives full control to the Everyone group by default
Security Policies
• Local Security Settings
– Set via Local Security Policy in Administrative Tools
– Can also be set in the Local Computer Group Policy Object Editor
– Applies only to this computer
Security Policies
• Local Group Policy—applies locally only
Security Policies
• Examples of what can be done with Group Policy in a domain
– Prevent Registry Edits
– Prevent Access to the Command Prompt
– Log on Locally
– Shut Down System
– Minimum Password Length
– Account Lockout Threshold
– Disable Windows Installer
– Much more
Malicious Software
• Together known as malware
– Viruses
– Trojans
– Worms
– Spyware
– Adware
– Grayware
Malware
• Viruses
– Designed to attach themselves to a program
– When program is used, the virus goes into action
– Can wipe out data, send spam e-mails, and more
• Trojans
– Designed to look like one program (such as a game or utility)
– Does something else too, such as erase CMOS
Malware
• Worms
– Similar to a Trojan but on a network
– Travels from machine to machine through network
– Commonly infects systems because of security flaws
• Best protection against worms
– Run antivirus software
– Keep security patches up to date
– Use tools such as Windows Update or Automatic Update to get critical updates
Antivirus Programs
• Antivirus programs
– Can be set to scan entire computer actively for viruses
– Can be set as virus shield to monitor activity such as downloading files, receiving e-mail, etc.
– Viruses have digital signatures
– Antivirus programs have library of signatures
– Update signatures regularly
Virus Techniques
• Polymorphics/Polymorphs
– Viruses attempt to change or morph to prevent detection
– Code used to morph (scrambling code) often used as signature
• Stealth
– Virus attempts to hide and appear invisible
– Most are in boot sector
– Some use little-known software interrupt
– Others make copies of innocent-looking files
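Why the scrambling code ends up in the signature library, as an added example that is not part of the original slides. It is a toy scanner over constructed, harmless byte strings: BODY and STUB are placeholders standing in for a virus body and its constant scrambling routine, and all names are hypothetical.

```python
# Added example: toy signature scanner over constructed byte strings (no real malware).
BODY = b"HARMLESS-DEMO-BODY-0001"      # placeholder for the part that changes per copy
STUB = b"\x90DEMO-SCRAMBLER-STUB\x90"  # placeholder for the constant scrambling code


def morph(body, key):
    """Model one polymorphic copy: constant stub, key byte, body XORed with the key."""
    return STUB + bytes([key]) + bytes(b ^ key for b in body)


def scan(data, signatures):
    """Return the sorted names of all signatures whose pattern occurs in data."""
    return sorted(name for name, pattern in signatures.items() if pattern in data)


# Two signature libraries: one knows only the body, one also knows the stub.
BODY_ONLY = {"Demo.Body": BODY}
WITH_STUB = {"Demo.Body": BODY, "Demo.Scrambler": STUB}

# Constructed sample "files".
SAMPLES = {
    "clean.txt": b"quarterly sales report",
    "plain_copy.bin": b"header--" + BODY,
    "variant_a.bin": b"header--" + morph(BODY, 0x21),
    "variant_b.bin": b"header--" + morph(BODY, 0x5C),
}


def report(signatures):
    """Scan every sample and map file name -> list of matching signature names."""
    return {name: scan(data, signatures) for name, data in SAMPLES.items()}


if __name__ == "__main__":
    for label, library in (("body only", BODY_ONLY), ("body + stub", WITH_STUB)):
        print(label)
        for name, hits in report(library).items():
            print(f"  {name:15} {hits or 'no match'}")
```

With the body-only library both variants pass as clean; once the stub pattern is added, every variant matches regardless of its key, which is also why the library has to be updated regularly.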
Virus Prevention Tips
• Scan all incoming programs and data
• Scan the PC daily
• Update signatures regularly
• Keep bootable CD-R with copy of antivirus program
• Be careful with e-mail
– Consider disabling preview window
– Only open attachments from known sources
Malware
• Spam
– Unsolicited commercial e-mail (UCE)
– To avoid, don’t give out your e-mail address
• Pop-ups
– Many modify the browser so they are hard to close
  • Some open up other pop-ups when one pop-up is closed
– To close
  • Right-click the browser on the taskbar and select Close
  • While the pop-up is displayed, press Alt-F4
Spyware
• Family of programs that run in the background
– Can send information on your browsing habits
– Can run distributed computing apps, capture keystrokes to steal passwords, reconfigure dial-up, and more
• Preventing installation
– Beware of free programs such as Gator, Kazaa, others
– Adobe’s Shockwave and Flash reputable, but many others are not
Spyware
• Aggressive tactics
– Try to scare you into installing their program
• Removing spyware
– Windows Defender
– Lavasoft’s Ad-Aware
– PepiMK’s Spybot Search & Destroy
Grayware
• Not destructive in themselves
– Leech bandwidth in networks
– Some people consider them beneficial
– Used to share files (e.g., BitTorrent)
– Can push network over the edge
Firewalls
• Used to block malicious programs from the Internet
– Can be software, hardware, or both
– Windows XP has built-in firewall
Encryption
• Makes data packets unreadable
– Changes plaintext into cipher text
– Encryption occurs at many levels
– Multiple encryption standards and options
[Figure: “Our lowest sell price is $150,000” → Encryption algorithm → *2jkpS^aou23@`_4Laujpf → Decryption algorithm → “Our lowest sell price is $150,000”]
Network Authentication
• Authentication
– Proving who you are
– Done by providing credentials
  • i.e., user name and password
– Credentials rarely passed in plaintext
• Common remote access protocols
– PAP: Password Authentication Protocol (clear text)
  • Rarely used
– CHAP: Challenge Handshake Authentication Protocol
  • Most popular
– MS-CHAP: Microsoft CHAP
  • Popular with Microsoft applications
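The difference between PAP and CHAP on the wire, as an added example that is not part of the original slides. It models both sides' messages as Python dictionaries, computes the CHAP response as RFC 1994 defines it (MD5 over identifier, shared secret and challenge), and uses a constructed secret and user name.

```python
# Added example: PAP vs. CHAP messages, modelled as dictionaries (not a PPP stack).
import hashlib
import hmac
import os

SECRET = b"constructed-shared-secret"  # sample value known to both ends


def pap_request(user, password):
    """PAP: the peer sends the password itself across the link."""
    return {"protocol": "PAP", "user": user, "password": password}


def chap_challenge(identifier):
    """CHAP step 1, authenticator -> peer: identifier plus a fresh random value."""
    return {"code": 1, "id": identifier, "value": os.urandom(16)}


def _chap_hash(identifier, secret, challenge_value):
    # RFC 1994: MD5 over identifier octet, then the secret, then the challenge.
    return hashlib.md5(bytes([identifier]) + secret + challenge_value).digest()


def chap_response(challenge, user, secret):
    """CHAP step 2, peer -> authenticator: only the hash leaves the peer."""
    digest = _chap_hash(challenge["id"], secret, challenge["value"])
    return {"code": 2, "id": challenge["id"], "value": digest, "name": user}


def chap_verify(challenge, response, secret):
    """CHAP step 3, authenticator: recompute the hash and compare in constant time."""
    expected = _chap_hash(challenge["id"], secret, challenge["value"])
    return response["id"] == challenge["id"] and hmac.compare_digest(
        expected, response["value"])


def wire_carries_secret(messages, secret):
    """True if any field of any message on the link contains the secret itself."""
    return any(secret in value for msg in messages
               for value in msg.values() if isinstance(value, bytes))


if __name__ == "__main__":
    pap = pap_request(b"rita", SECRET)
    print("PAP  leaks secret:", wire_carries_secret([pap], SECRET))

    first = chap_challenge(1)
    answer = chap_response(first, b"rita", SECRET)
    print("CHAP leaks secret:", wire_carries_secret([first, answer], SECRET))
    print("CHAP accepted:    ", chap_verify(first, answer, SECRET))

    # A response captured earlier does not answer a later, different challenge.
    second = chap_challenge(1)
    print("Replay accepted:  ", chap_verify(second, answer, SECRET))
```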
Encryption
• Dial-up encryption
– Set on the server
• Data encryption
– Multiple protocols possible
– Microsoft method of choice is IPSec (IP Security)
Application Encryption
• Many applications can use other protocols to encrypt data
– On the Web, HTTPS commonly used
– Use digital certificates
– Certificates issued by trusted authorities
  • Trusted authorities added to Web browsers
– Invalid certificates can be cleared from cache
Wireless Issues
• Set up wireless encryption
– WEP, WPA, or preferably WPA2
• Have clients use static address
– If you must use DHCP, limit available addresses
• Change default SSID
– And disable SSID broadcast
• Filter by MAC addresses
• Change default user name and passwords
• Turn on WAP firewall
Reporting
• Event Viewer
– Application
– Security
– System
Event Viewer
• Can view errors that a user saw and forgot
• Can get help with errors by clicking the Microsoft link
Reporting
• Auditing
– Event auditing—logs events
– Object access auditing—logs resource access
– Someone else will set up—but you need to be aware of the policies
• Incidence reporting
– When events occur, you need to report them
– Supervisors and/or managers may have more information
– Reporting one seemingly innocuous event may help the supervisor solve a bigger problem
Beyond A+
• Security in Windows Vista
– User Account Control
  • Helps prevent malware from running with administrator privileges
– Security Center
  • First appeared in Windows XP SP2
  • Enhanced in Windows Vista
– Parental Controls
  • Allows parents (or supervisors) to monitor and/or restrict access
  • Can restrict Web sites and downloads, login times, games, and more