A+ Guide to IT Technical Support, 9th Edition

Presentation transcript:

A+ Guide to IT Technical Support, 9th Edition
Chapter 18 Security Strategies

Objectives
- Secure a Windows personal computer
- Secure a mobile device
- Implement additional security techniques to protect a computer or SOHO network and its resources
- Recognize, remove, and protect personal computers against malicious software

Objectives
- Recognize, remove, and protect mobile devices against malicious software
- Follow company policies to address issues of software copyright infringement and violations of prohibited content or activities

Securing a Windows Personal Computer
- Two goals in securing network resources:
  - To protect resources
  - To not interfere with the functions of the system
- Sometimes these two goals are in conflict with each other

Use Windows to Authenticate Users
- Controlling access to computer resources is done by:
  - Authentication: proves that an individual is who he says he is
  - Authorization: determines what an individual can do in the system after authentication
- Assign a password to each account created
  - Best to give user the ability to change the password

Use Windows to Authenticate Users
- Require Secure Sign-in
  - Normally, a user clicks name and enters password from Welcome screen
  - Malware can sometimes intercept and trick users into providing user accounts and passwords
  - More secure method requires user to press Ctrl+Alt+Del to get to logon
  - The User Accounts utility (Network Places Wizard) can be used to change the way Windows sign-in works

Use Windows to Authenticate Users
Figure 18-3 Change the way users log onto Windows

Use Windows to Authenticate Users
- Lock a Workstation
  - Quickest way to lock a workstation is to press Win+L
  - Another method is to press Ctrl+Alt+Delete, then click Lock
  - To unlock, user must enter password
- Disable the Guest account
  - Disabled by default and should remain disabled
  - To set up an account for visitors, create a standard account and name it Visitor

Use Windows to Authenticate Users
- Create strong passwords
  - Not easy to guess by humans and computer programs
- Criteria
  - Use eight or more characters
  - Combine uppercase and lowercase letters, numbers, symbols
  - Use at least one symbol in the second through sixth positions
  - Do not use consecutive letters or numbers, adjacent keyboard keys, your logon name, words in any language
  - Do not use same password for more than one system
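
An added example (not from the textbook or the slides): a Python check that applies the password criteria on this slide to a candidate password and reports which ones it fails. The function names, the run length of three, the US QWERTY layout and the small word list are assumptions made for illustration.

```python
# Assumption: three or more characters in a row count as "consecutive"
# letters/numbers or "adjacent keyboard keys".
RUN_LEN = 3
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")  # US QWERTY
# Constructed sample list; a real check would load full dictionaries
# for several languages.
SAMPLE_WORDS = {"password", "dragon", "monkey", "welcome", "soleil", "passwort"}


def _is_symbol(ch):
    """Anything that is not a letter, digit or whitespace counts as a symbol."""
    return not ch.isalnum() and not ch.isspace()


def _has_sequential_run(text, run_len=RUN_LEN):
    """True for ascending or descending runs such as 'abc', '789' or 'cba'."""
    t = text.lower()
    for i in range(len(t) - run_len + 1):
        chunk = t[i:i + run_len]
        if not (chunk.isalpha() or chunk.isdigit()):
            continue
        steps = {ord(b) - ord(a) for a, b in zip(chunk, chunk[1:])}
        if steps == {1} or steps == {-1}:
            return True
    return False


def _has_keyboard_run(text, run_len=RUN_LEN):
    """True if the text contains keys that sit side by side on one row."""
    t = text.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run_len + 1):
                if seq[i:i + run_len] in t:
                    return True
    return False


def check_password(password, logon_name, words=SAMPLE_WORDS):
    """Return the list of slide criteria the password fails (empty = passes).

    Reuse across systems cannot be judged from the string alone, so that
    criterion is left to policy and user education.
    """
    failures = []
    if len(password) < 8:
        failures.append("length")
    has_all_classes = (
        any(c.isupper() for c in password)
        and any(c.islower() for c in password)
        and any(c.isdigit() for c in password)
        and any(_is_symbol(c) for c in password)
    )
    if not has_all_classes:
        failures.append("character-mix")
    # Second through sixth positions are string indexes 1..5.
    if not any(_is_symbol(c) for c in password[1:6]):
        failures.append("symbol-position")
    if _has_sequential_run(password):
        failures.append("consecutive")
    if _has_keyboard_run(password):
        failures.append("keyboard-adjacent")
    lowered = password.lower()
    if logon_name and logon_name.lower() in lowered:
        failures.append("logon-name")
    if any(len(w) >= 4 and w in lowered for w in words):
        failures.append("dictionary-word")
    return failures


if __name__ == "__main__":
    # Constructed sample passwords for a hypothetical logon name "jsmith".
    for candidate in ("Password1!", "Tr#qwe789Z", "Xx$Soleil42", "V#7mLq9$Tz"):
        print(candidate, check_password(candidate, "jsmith") or "meets criteria")
```

A password such as `Password1!` satisfies the length and character-mix rules yet still fails, which is why the slide lists the position and dictionary rules separately.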

File and Folder Encryption
- In Windows, files and folders can be encrypted using Windows Encrypted File System (EFS)
  - Works only with the NTFS file system and business/professional editions of Windows
- If a folder is marked for encryption, every file created in or copied to the folder will be encrypted
- An encrypted file remains encrypted if moved to an unencrypted folder

File and Folder Encryption
Figure 18-9 Encrypt a folder and all its contents

Windows Firewall Settings
- A router can serve as a hardware firewall
- In addition, a large corporation might use a software firewall (called corporate firewall) installed on a computer between Internet and the network
- A personal firewall (also called host firewall) is software on a computer to protect that computer
- Windows Firewall is a personal firewall that protects a computer
  - Automatically configured when you set up your security level for a new network connection
  - Can also customize the settings

Windows Firewall Settings
Figure 18-10 Three types of firewalls used to protect a network and individual computers on the network

Local Security Policies Using Group Policy
- Group Policy: controls what users can do with a system and how the system is used
  - Available with business and professional editions of Windows
- Can set security policies to help secure a workstation
  - Example: require all users to have passwords and to rename default user accounts

Use BitLocker Encryption
- Encrypts entire Windows volume and any other volume on the drive
  - Works in partnership with file and folder encryption
- Three ways to use BitLocker Encryption
  - Computer authentication
    - Computer has a chip on motherboard called TPM (Trusted Platform Module) that holds BitLocker key
    - If hard drive is stolen, BitLocker would not allow access without BitLocker key
  - User authentication – startup key stored on USB drive
  - Computer and user authentication – PIN or password required at every startup

Use BitLocker Encryption
- Provides great security at a price
  - Risk the chance of TPM failure
  - Risk losing all copies of the BitLocker (startup) key
- Use BitLocker only if the risks of BitLocker giving problems outweigh the risk of stolen data

Use UEFI/BIOS Features to Protect the System
- UEFI/BIOS security features
  - Power-on passwords
    - Supervisor password – required to change BIOS setup
    - User password – required to use the system or view UEFI/BIOS setup
    - Drive lock password – required to access the hard drive
      - Stored on the hard drive so it will still control access to drive in the event the drive is removed
- Some laptops contain LoJack technology on motherboard
  - If software is installed, laptop can be tracked

Use UEFI/BIOS Features to Protect the System
Figure 18-18 Submenu shows how to set a hard drive password that will be written on the drive

Securing a Mobile Device
- Need to secure the following on a smart phone or tablet:
  - Data
  - Videos and photos
  - Network connection settings
  - Purchasing patterns and history (as well as credit card information)

Device Access Controls
- Consider the following lock methods:
  - Android screen lock
  - iOS screen lock
  - Biometric authentication
  - Full device encryption
  - Restrict iOS failed login attempts
  - Restrict Android failed login attempts
  - Multifactor authentication

Software Security
- Software methods to secure mobile data:
  - OS updates and patches
  - Antivirus/anti-malware
  - Trusted sources
  - Firewalls
  - Android locator application and remote wipe
  - iOS locator application and remote wipe

Mobile Security in Corporate Environments
- BYOD (Bring Your Own Device)
  - An employee or student is allowed to connect their own device to the corporate network
- For security purposes
  - Organization configures a person’s device before allowing it to connect to the network (a process called on-boarding)
  - Reverse process is called off-boarding

Mobile Security in Corporate Environments
- Facts about on-boarding/off-boarding:
  - On-boarding might include installing an app on a device
  - On-boarding might install a remote backup application
    - Remotely backs up data to a company’s file server
  - Off-boarding might include the ability to perform a remote wipe on a device that is lost or stolen
  - Two examples of software that support on-/off-boarding: Microsoft Exchange server and Google Apps Mobile Management software

Additional Methods to Protect Resources
- In this part of chapter, you will learn:
  - To securely authenticate users on a large network
  - Physically protect computer resources
  - Destroy data before you toss out a storage device
  - Educate users to not compromise security measures in place

Authenticate Users For Large Networks
- Security Tokens and Smart Cards
  - Small device containing authentication information
  - Most popular type of token is a smart card
  - Keyed into a logon window by a user
  - Read by a smart card reader
  - Transmitted wirelessly
- Variations of smart cards
  - Key fob
  - Wireless token
  - Memory stripe card
  - Cell phone with token

Authenticate Users For Large Networks
Figure 18-23 Smart card is read by a smart card reader

Authenticate Users For Large Networks
- Biometric data
  - Validates the person’s physical body
  - Biometric device - input device that inputs biological data about a person which can identify a person’s
- Forms of biometric data:
  - Fingerprints
  - Retinal scans (scans part of the eye)
  - Handprints
  - Face recognition
  - Voice recognition

Physical Security Methods and Devices
- Best practices for physical security:
  - Keep really private data under lock and key
  - Lock down the computer case
  - Use lock and chain
    - To physically tie computer to a desk or other permanent fixture
  - Privacy filters
    - Fits over the screen to prevent it from being read from a wide angle

Physical Security Methods and Devices
- Best practices for physical security (cont’d):
  - Use a theft-prevention plate
    - Embed it into the case or engrave your ID information into it
  - Mantrap and security guard
    - Consists of two doors on either end of a small entryway
    - First door must close before second door can open
    - Separate form of ID might be required for each door
    - Security guard might maintain an entry control roster
      - List of authorized people

Digital Security Methods and Resources
- Windows Firewall is an example of digital-based security
- Additional software security measures:
  - VPN (Virtual Private Network)
  - E-mail filtering
  - Trusted software sources
  - Access control lists (ACLs)

Unified Threat Management (UTM) Appliance
- Next-generation firewall (NGFW) combines firewall software with antivirus/anti-malware software
  - Can offer comprehensive Unified Threat Management (UTM) services
- UTM appliance stands between the Internet and a private network and protects the network
  - Also called a security appliance, network appliance, or Internet appliance

Unified Threat Management (UTM) Appliance
- A UTM appliance might offer:
  - Firewall
  - Antivirus and anti-malware software
  - Identity-based access control lists
  - Intrusion detection system (IDS)
  - Intrusion prevention system (IPS)
  - VPN

Unified Threat Management (UTM) Appliance
Figure 18-28 A UTM appliance is considered a next-generation firewall that can protect a private network

Data Destruction and Disposal
- Ways to destroy printed documents and sanitize storage devices:
  - Use a paper shredder
  - Overwrite data on the drive
  - Physically destroy the storage media
  - For magnetic devices, use a degausser
    - Exposes a storage device to a strong magnetic field to completely erase data
  - For solid-state devices, use a Secure Erase utility
  - Use a secure data-destruction service

Data Destruction and Disposal
Figure 18-30 Use a degausser to sanitize a magnetic hard drive or tape

Educate Users
- Important security measures for users
  - Never give out passwords to anyone
  - Do not store passwords on a computer
  - Do not use same password on more than one system
  - Be aware of shoulder surfing
    - Other people peek at your monitor screen
  - Lock down your workstation each time you step away
  - Be on the alert for tailgating
    - When someone who is unauthorized follows the employee through a secured entrance
    - Also when someone continues to use a Windows session

Educate Users
- Social engineering techniques
  - Don’t forward an email hoax
  - Sites to help you debunk a virus or email hoax: snopes.com, securelist.com, virusbtn.com
  - Phishing: a type of identity theft where the sender of an email scams you into responding with personal data
  - An email message might contain a link that leads to a malicious script

Educate Users
Figure 18-31 This phishing technique using an email message with an attached file is an example of social engineering

Educate Users
- Commonsense rules to protect a laptop:
  - Always know where your laptop is
  - Never check in your laptop as baggage
  - Never leave in overhead bins, keep at feet
  - Never leave a laptop in an unlocked car or hotel room
  - Use a laptop cable lock to secure to table if you must leave it in a hotel room
  - When at work, lock your laptop in a secure place

Dealing With Malicious Software on Personal Computers
- Malicious software (malware, computer infestation)
  - Any unwanted program that means harm
  - Transmitted to a computer without user’s knowledge
- Grayware
  - Any annoying and unwanted program
  - Might or might not mean harm

What Are We Up Against?
- Viruses
  - Replicates by attaching itself to other programs
  - Program might be an application, macro, Windows system file, or a boot loader program
- Spyware software
  - Spies on user and collects personal information
  - An example: Keylogger
    - Tracks all keystrokes

What Are We Up Against?
- Worms
  - Copies itself throughout a network or the Internet without a host program
  - Overloads the network
- Trojans
  - Does not need a host program to work
  - Substitutes itself for a legitimate program
  - Often downloaded from a web site or a user is tricked into opening an email attachment

What Are We Up Against?
- Rootkit
  - Virus that loads itself before the OS boot is complete
  - Can hide folders that contain software it has installed
  - Can hijack internal Windows components so it masks information Windows provides to user mode utilities
- Ransomware
  - Holds your computer system hostage until you pay money
- Zero-day attack
  - Can happen when a hacker discovers a security hole

What Are We Up Against?
- Man-in-the-middle attack
  - Attacker presents a program or himself as someone else to obtain private information
- Zombies and botnets
  - Zombie is a computer that has been hacked
  - Hacker uses the computer to run repetitive software in the background
  - Botnet is an entire network of zombies
- Dictionary attack
  - Used to crack a long password by trying words in a dictionary

What Are We Up Against?
- Non-compliant systems and violations of security best practices
  - Microsoft System Center is used to remotely configure computers and monitor their configurations
  - Administrators can view reports to look for non-compliant systems that violate security best practices
    - Such as out-of-date anti-malware software

Step-By-Step Attack Plan
Step 1: Identify Malware Symptoms
- Pop-up ads and browser redirection
- Rogue antivirus software
- Slow performance or lock ups
- Internet connectivity issues, application crashes, and OS updates fail
- Problems with files
- Email problems
- Can’t update anti-malware software
- Invalid digital certificates

Step-By-Step Attack Plan
Step 2: Quarantine an Infected System
- Prevent spreading of malware
- Immediately disconnect from network or turn off the wireless adapter
- Download antivirus software
- Disconnect other computers while infected computer connected
- Connect infected computer directly to the ISP
- Boot into Safe Mode with Networking
- Before cleaning up infected system back up data to another media

Step-By-Step Attack Plan
Step 3: Disable System Restore
- Some malware hides its program files in restore points in the System Volume Information folder maintained by System Protection
- If System Protection is on, anti-malware software can’t clean this protected folder
- To get rid of malware, turn off System Protection

Step-By-Step Attack Plan
Step 4: Remediate the Infected System
- Before selecting AV software, read reviews and check out reliable web sites that rate AV software
Table 18-1 Antivirus software and websites

Step-By-Step Attack Plan
Step 4: Remediate the Infected System (cont’d)
- Run anti-malware software already installed
- Update software and perform a full scan
- Run anti-malware software from a networked computer
- Install and run anti-malware software on the infected computer
- Install and run anti-malware software in Safe Mode
- Run anti-malware software from a bootable rescue CD or flash drive

Step-By-Step Attack Plan
Step 4: Remediate the Infected System (cont’d)
- Clean Up What’s Left Over
  - Respond to any startup errors
  - Research malware types and program files
  - Delete files
  - Clean the registry
  - Clean up Internet Explorer and uninstall unwanted programs

Step-By-Step Attack Plan
Step 5: Protect the System with Scheduled Scans and Updates
- Use anti-malware software
- Always use a software firewall
- Keep Windows updates current
Step 6: Enable System Protection and Create a Restore Point
- Once system is clean

Step-By-Step Attack Plan
Step 7: Educate the User
- Go over with the user some tips presented earlier in this chapter to keep the system free from malware
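
Steps 3 through 6 of the plan above, scripted as an added example (not from the book or the slides). It assumes Windows PowerShell 5.1 on a Windows client with Microsoft Defender as the anti-malware product; the parameter names, including the hypothetical -ConfirmedClean switch, and the three-day definition-age threshold are illustrative.

```powershell
#Requires -RunAsAdministrator
# Added example for steps 3-6. Assumptions: Windows PowerShell 5.1 on a Windows
# client, Microsoft Defender as the anti-malware product (the page names none).
param(
    [string]$Drive = "${env:SystemDrive}\",  # volume covered by System Protection
    [int]$MaxSignatureAgeDays = 3,           # illustrative "out of date" threshold
    [switch]$ConfirmedClean                  # hypothetical switch: pass only after cleanup is verified
)
$ErrorActionPreference = 'Stop'

if (-not $ConfirmedClean) {
    # Step 3: turn off System Protection so the scanner can clean restore-point storage.
    Disable-ComputerRestore -Drive $Drive

    # Step 4: update definitions first, then run a full scan (blocks until finished).
    Update-MpSignature
    Start-MpScan -ScanType FullScan

    # Show what was detected so leftover files and registry entries can be researched.
    Get-MpThreatDetection |
        Select-Object InitialDetectionTime, ThreatID, Resources |
        Format-List
    Write-Warning 'System Protection is still off. Finish cleanup, then rerun with -ConfirmedClean.'
    return
}

# Step 5: verify ongoing protection before declaring the machine clean.
$problems = @()
$status = Get-MpComputerStatus
if (-not $status.RealTimeProtectionEnabled) {
    $problems += 'Real-time protection is disabled'
}
if ($status.AntivirusSignatureAge -gt $MaxSignatureAgeDays) {
    $problems += "Definitions are $($status.AntivirusSignatureAge) days old"
}
Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' } | ForEach-Object {
    $problems += "Firewall profile '$($_.Name)' is not enabled"
}
if ($problems) {
    $problems | ForEach-Object { Write-Warning $_ }
    throw 'Fix the items above before re-enabling System Protection.'
}

# Step 6: turn System Protection back on and record a known-clean restore point.
Enable-ComputerRestore -Drive $Drive
Checkpoint-Computer -Description 'Clean baseline after malware removal' -RestorePointType MODIFY_SETTINGS
```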

Dealing with Malicious Software on Mobile Devices
- This section covers how to deal with malicious software on mobile devices
- Begin by learning how to recognize an infected device

Common Mobile Device Malware Symptoms
Symptoms that malware might be at work on an Android, iOS, or Windows Phone device:
- Battery drain, slow speeds, leaked data, strange text messages, and data transmission over limits
- Dropped phone calls or weak signal
- Unintended Wi-Fi and Bluetooth connections
- Unauthorized account access
- Unauthorized location tracking
- Unauthorized use of camera or microphone

Common Mobile Device Malware Symptoms
Symptoms that malware might be at work on an Android, iOS, or Windows Phone device (cont’d):
- Unauthorized root access
  - Jailbroken iOS device
  - Rooted Android device
  - Rooted Windows Phone

Mobile Device Tools and Malware Removal
General steps for removing malware:
- Uninstall the offending app
- Update the OS
- Remove root access to the device
  - Unroot with the app that was used to root the device
  - Download a root removal app
- Factory reset

Mobile Device Tools and Malware Removal
After removing malware:
- Don’t jailbreak or root a device and keep OS updates current
- Educate users about importance of privacy settings and of not opening email attachments
- Consider installing an anti-malware app
Wi-Fi Analyzers
- Can be used to detect devices not authorized to use the network, identify attempts made by connected devices to hack transmissions, and identify their physical location

Mobile Device Tools and Malware Removal
Cellular Network Analyzers
- Used to monitor cellular networks for signal strength of cell towers, WAPs, and repeaters
- Can also monitor for interference, performance, and voice and data transmissions

Software Licensing and Prohibited Content or Activity
- Many organizations have a code of conduct that applies to employees and/or customers
- Part of a technician’s job might include keeping track of software licensing to ensure that a company is not using pirated software
  - Must ensure that unauthorized copies of original software are not being produced (software piracy)
- When you start a new job, find out how to deal with prohibited content or activity

Software Licensing and Prohibited Content or Activity
Things you need to know:
- Go through the proper channels when you suspect an infringement of the law
- What data or device should you preserve as evidence for what you believe has happened?
- What documentation are you expected to submit and to whom is it submitted?
- Proper documentation surrounding the evidence of a crime is crucial to a criminal investigation

Summary
- The netplwiz command can be used to require a user to press Ctrl+Alt+Del to log on to Windows
- Windows power settings can be used to lock down a workstation after inactivity and require a password to unlock the workstation
- Encrypted File System (EFS) is used with an NTFS volume in Windows business and professional versions
- Windows Firewall, Group Policy, BitLocker Encryption, and UEFI/BIOS security features can all be used to help secure a computer and its data

Summary
- Large networks might use smart cards and biometric data to authenticate a user
- Physical security can include a locked door, lock and chain, or privacy filter
- Data can be destroyed using a paper shredder, low-level format, drill, degausser, or Secure Erase utility
- Educate users against social engineering and how to best protect a laptop when traveling

Summary
- Malware includes a virus, spyware, keylogger, worm, Trojan, rootkit, ransomware, zero-day attack, man-in-the-middle attack, zombies, botnets, and dictionary attacks
- Malware symptoms include pop-up ads, slow performance, error messages, file errors, spam, and strange processes running
- When you suspect a computer is infected, immediately quarantine it

Summary
- Symptoms of malware on mobile devices include battery drain, slow speeds, leaked data, dropped calls, and unintended Wi-Fi and Bluetooth connections, location tracking, unauthorized use of camera or microphone, and root access
- Commercial licensing of software can be a personal license or enterprise license
- A chain-of-custody document provides a paper trail of evidence in a criminal case