Unit 5 - Firewalls EFS and UAC
-
Upload
aubrey-webb -
Category
Documents
-
view
218 -
download
0
Transcript of Unit 5 - Firewalls EFS and UAC
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
1/20
Windows Security
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
2/20
Local Security Policy Start > Control Panel > System and Security > Administrative Tools Must be configured at the domain level Password policy
Enforce password history How often the same password can be reused? f setting is !" thenevery !rdreset you could use the same password #efault is $
Ma%imum password age How long before user has to change their password #efault is &' days
Minimum password age Shortest amount of time before a user can change their password #efault is $
Minimum password length How many characters? #efault is $" ( is usually recommended
Password must meet comple%ity re)uirements *e)uires comple% passwords to be used can+t include user+s account name" at least , characters in length" at least ! of the following uppercase" lowercase" numbers" symbols #efault is disabled
Account PoliciesAccount Policies
My-omputer-areer.com '
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
3/20
/ccount loc0out policy Prevents unauthori1ed access to Windows 2
-an configure an account to be temporarily disabled after anumber of incorrect log3on attempts /ccount loc0out threshold How many attempts?
#efault is $" meaning account loc0out isn+t in place until we configure it
/ccount loc0out duration How long are they loc0ed out? #efault !$ minutes
*eset account loc0out counter after How long before we startcounting the number of attempts? E%ample f the second attemptta0es place in 4$ minutes" do we still count that as the secondattempt
#efault is !$ minutes
Account Policies (cont'd.)Account Policies (cont'd.)
My-omputer-areer.com !
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
4/20
Start > All Programs > Windows Defender/ntispyware Spyware is software that installs silently on
your computer" monitors your behavior" and performs actionsbased on that behavior
5n3#emand Scanning Windows #efender can perform ad hoc scanning When you suspect that spyware is present on your computer
6uic0 scan Scans most common locations" li0e memory and load points7system files and application files8 9ull scan Scans the entire dis0 and running processes
Windows #efender can also perform scheduled scans *eal3:ime Scanning
-onstantly monitors your computer and alerts you when spyware
attempts to install ;etter than on3demand scanning because you are preventing the
problem rather than fi%ing it
Windows DefenderWindows Defender
My-omputer-areer.com &
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
5/20
*eal3:ime Scanning 7cont
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
6/20
Windows #efender /ctions
When malware is detected" it can be )uarantined" removed" orallowed
ou can define default actions that are applied for severe" high"
medium" and low alerts
9or e%ample" default action for a Severe alert is to remove the
program" but you could change the setting to )uarantine
Windows Defender (cont'd.)Windows Defender (cont'd.)
My-omputer-areer.com ,
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
7/20
@iruses are a different type ofsoftware than spyware
Some of the things viruses can do= Send spam from your computer to the
internet -apture usernames and passwords
for Web sites" including onlineban0ing
Steal enough personal information for
identity theft /llow others to remote control your
computer and use it as a launchingpoint for illegal activities
Windows 2 does not include anysoftware to protect your computer
from viruses Microsoft Security Essentials is a free
download
icrosoft Security !ssentialsicrosoft Security !ssentials
My-omputer-areer.com 2
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
8/20
Encryption ma0es data unreadable
#ecryption ma0es data readable again Symmetric encryption
Same 0ey to encrypt data and decrypt data
:he 0ey is a long number that is very hard to guess
4'( bit 0ey is considered strong for Symmetric Encryption Symmetric encryption is strong and fast Aood for encrypting large volumes of data such as files
Bsed by both E9S and ;itLoc0er #rive Encryption
;iggest problem is securing the 0ey
!ncry"tion Algorit#ms!ncry"tion Algorit#ms
My-omputer-areer.com (
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
9/20
/symmetric encryption
Cey si1es of >4'3bits" 4"$'& bits" and beyond Bses two 0eys to encrypt and decrypt data #ata encrypted by one 0ey is decrypted by the other
Ceys are part of a digital certificate
#igital certificates are obtained from certificate authorities
*e)uires more processing power and is less secure thansymmetric encryption
Bse symmetric encryption to encrypt the data and then useasymmetric encryption to protect Dust the symmetric 0ey
!ncry"tion Algorit#ms (cont'd.)!ncry"tion Algorit#ms (cont'd.)
My-omputer-areer.com
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
10/20
Hash encryption 5ne3way encryption t encrypts data" but the data cannot be decrypted
Bsed to uni)uely identify data rather than prevent accessto data
Sometimes hash values for data are called fingerprints
Bsed for storing passwords
!ncry"tion Algorit#ms (cont'd.)!ncry"tion Algorit#ms (cont'd.)
My-omputer-areer.com 4$
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
11/20
Encrypting 9ile System 7E9S8 9irst included with Windows '$$$ Professional
Encrypts individual files and folders on a partition
Suitable for protecting data files and folders on wor0stationsand laptops
*e)uires a digital certificate with a public and private 0ey Windows 2 automatically generates the certificate when you
encrypt a file
9ile or folder must be located on an F:9S3formattedpartition
Lost encryption 0eys f a user loses the E9S 0ey" then an encrypted file is
unrecoverable with the default configuration
!ncry"ting $ile System!ncry"ting $ile System
My-omputer-areer.com 44
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
12/20
Lost encryption 0eys Some ways E9S 0eys may be lost
:he user profile is corrupted
:he user profile is deleted accidentally
:he user is deleted from the system
:he user password is reset
n Bser /ccounts" there is an option
to manage file encryption certificates
/llows you to bac0 up certificates
:his allows the encrypted files to be
recovered if re)uired
!ncry"ting $ile System!ncry"ting $ile System
(cont'd.)(cont'd.)
My-omputer-areer.com 4'
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
13/20
%sing &itocer%sing &itocer
9irst released in @ista" and now available with
Windows 2 Enterprise and Bltimate Encrypts an entire volume to protect against
unauthori1ed persons" such as someone stealinga hard drive=
ncreased data protection
ntegrity chec0ing
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
14/20
%nderstanding &itocer%nderstanding &itocer
e*uirementse*uirements
-omputer must have a :rusted Platform Module
7:PM8 and a compatible ;5S. Has > operational modes=
:PM G startup PF G startup 0ey
:PM G startup 0ey
:PM G startup PF
Startup 0ey only
:PM only
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
15/20
Turning on &itocerTurning on &itocer
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
16/20
%sing Data ecovery Agents%sing Data ecovery Agents
(DA)(DA)
/ user account authori1ed to recover ;itLoc0erdrives with a digital certificate on a Smart -ard
Must be configured using Aroup Policy in an /#
#S Must enable #*/ recovery for each type of
;itLoc0er resource you want to recover
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
17/20
%sing &itocer To +o%sing &itocer To +o
Few feature in Windows 2 Enables user to encrypt removable BS; drives
9lash drives and e%ternal H#s
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
18/20
Windows $irewallWindows $irewall
Windows 2 includes an improved version ofWindows 9irewall to protect your computer
Standard firewall
Protects your computer by restricting which networ0
pac0ets are allowed to reach your computer
Host3based firewall
Evaluates each pac0et as it arrives on your P- and
determines whether that pac0et is allowed or denied on
5ne way to improve security on computers is by
reducing the attac0 surface
My-omputer-areer.com4(
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
19/20
$irewall Configuration$irewall Configuration
Start > Control Panel > System and Security Windows 9irewall -ontrol Panel window
Windows 2 allows custom firewall settings for each type of networ0location= home" wor0" or public
When Windows 9irewall is enabled #efault configuration bloc0s all incoming pac0ets e%cept for specifically
configured e%ceptions
:here is an option to bloc0 all incoming connections
My-omputer-areer.com4
Wi d $i ll i #
-
7/25/2019 Unit 5 - Firewalls EFS and UAC
20/20
/dvanced Settings allows
you to control 9irewall -reate nbound or 5utbound
rules for applications
-reate rules for PSec to helpmanage @PF connections
E%port" then import 9irewallsettings to other computers
Log successful orunsuccessful connections
Windows $irewall wit#Windows $irewall wit#
Advanced SettingsAdvanced Settings
My-omputer-areer.com '$