Chapter 2 Desktop Security

Slides:



Advertisements
Similar presentations
Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Advertisements

Thank you to IT Training at Indiana University Computer Malware.
BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
1 MIS 2000 Class 22 System Security Update: Winter 2015.
B.A. (Mahayana Studies) Introduction to Computer Science November March Safety and Security What are the main safety and security.
Security Awareness Chapter 2 Desktop Security. Objectives After completing this chapter, you should be able to do the following: Describe the different.
Security Awareness Chapter 2 Desktop Security. After completing this chapter, you should be able to do the following:  Describe the different types of.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
Security Awareness: Applying Practical Security in Your World
Lecture 11 Reliability and Security in IT infrastructure.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 5: User Environment and Multiple Languages.
COMPUTER BACKUP A disaster will happen to you one day…an accidentally deleted file, a new program that caused problems or a virus that wreaked havoc, wiping.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Course ILT Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human.
Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden
Week 5 IBS 520 Computer and Online Security. Cybercrime Online or Internet- based illegal acts What is a computer security risk? Computer crime Any illegal.
Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
Video Following is a video of what can happen if you don’t update your security settings! security.
1 Pertemuan 10 Understanding Computers Security Matakuliah: J0282 / Pengantar Teknologi Informasi Tahun: 2005 Versi: 02/02.
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
Desktop Security After completing this lesson, you should be able to do the following: Describe the different types of software and hardware attacks List.
Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
The Utility Programs: The system programs which perform the general system support and maintenance tasks are known as utility programs. Tasks performed.
Course ILT Computers and society Unit objectives Identify the main uses of computers in daily life, and identify the benefits of using Describe.
Understanding and Troubleshooting Your PC. Chapter 12: Maintenance and Troubleshooting Fundamentals2 Chapter Objectives  In this chapter, you will learn:
Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,
BUSINESS B1 Information Security.
Chapter Fourteen Windows XP Professional Fault Tolerance.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 12: Managing and Implementing Backups and Disaster Recovery.
© 2012 The McGraw-Hill Companies, Inc. All rights reserved. 1 Third Edition Chapter 5 Windows XP Professional McGraw-Hill.
CIS 450 – Network Security Chapter 8 – Password Security.
PLUG IT IN 7 Protecting Your Information Assets. 1.How to Protect Your Assets: The Basics 2.Behavioral Actions to Protect Your Information Assets 3.Computer-Based.
 a crime committed on a computer network, esp. the Internet.
VIRUS Is a computer program that can copy itself and infect a computer without permission or knowledge of the user or is a program or piece of code that.
1 Higher Computing Topic 8: Supporting Software Updated
CHAPTER 7: PRIVACY, CRIME, AND SECURITY. Privacy in Cyberspace  Privacy: an individual’s ability to restrict or eliminate the collection, use and sale.
Your Interactive Guide to the Digital World Discovering Computers 2012.
System Security Chapter no 16. Computer Security Computer security is concerned with taking care of hardware, Software and data The cost of creating data.
Attacks On systems And Networks To understand how we can protect our system and network we need to know about what kind of attacks a hacker/cracker would.
Types of Electronic Infection
G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.
Physical ways of keeping your system secure. Unit 7 – Assignment 2. (Task1) By, Rachel Fiveash.
XP Practical PC, 3e Chapter 6 1 Protecting Your Files.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
Topic 5: Basic Security.
VIRUS.
Computer Skills and Applications Computer Security.
Computer Systems Viruses. Virus A virus is a program which can destroy or cause damage to data stored on a computer. It’s a program that must be run in.
IT1001 – Personal Computer Hardware & system Operations Week7- Introduction to backup & restore tools Introduction to user account with access rights.
INFORMATION TECHNOLOGY IN A GLOBAL SOCIETY: SECURITY Taylor Moncrief.
W elcome to our Presentation. Presentation Topic Virus.
Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,
DEVICE MANAGEMENT AND SECURITY NTM 1700/1702. LEARNING OUTCOMES 1. Students will manipulate multiple platforms and troubleshoot problems when they arise.
MUHAMMAD GHAZI AIMAN BIN MOHD AIDI. DEFINITION  A computer virus is a malware program that, when executed, replicates by inserting copies of itself (possibly.
By the end of this lesson you will be able to: 1. Determine the preventive support measures that are in place at your school.
Information Systems Design and Development Security Precautions Computing Science.
Antivirus Software Technology By Mitchell Zell. Intro  Computers are vulnerable to attack  Most common type of attack is Malware  Short for malicious.
Copyright © 2006 Heathkit Company, Inc. All Rights Reserved Introduction to Networking Technologies Security on Peer-to-Peer Networks.
Technical Implementation: Security Risks
Computer Viruses Author: Alyse Allen.
Security Issues in Information Technology
Chapter Objectives In this chapter, you will learn:
Chap 10 Malicious Software.
Chap 10 Malicious Software.
G061 - Network Security.
Presentation transcript:

Chapter 2 Desktop Security Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 2 Desktop Security

Objectives Describe the type of attacks that are launched against a desktop computer List the defenses that can be set up to protect a desktop computer Describe the steps for recovering from an attack Security Awareness: Applying Practical Security in Your World, 2e

Attacks on Desktop Security Malicious software (malware) Can break into and create havoc on desktop computers Internet service providers (ISPs) in North America Spend $245 million annually to combat malware Virus Secretly attaches itself to document or program and executes when document or program is opened Security Awareness: Applying Practical Security in Your World, 2e

Security Awareness: Applying Practical Security in Your World, 2e

Viruses Require a host to carry them from one system to another Possible effects Cause a computer to continually crash Erase files from a hard drive Install hidden programs Reduce security settings Reformat the hard disk drive Security Awareness: Applying Practical Security in Your World, 2e

Viruses (continued) Symptoms that indicate virus infection Program suddenly disappears from computer New programs do not install properly Out-of-memory error messages appear Unusual dialog boxes or message boxes appear Computer runs slowly and takes a long time to start Significant amount of modem activity Security Awareness: Applying Practical Security in Your World, 2e

Worms Difference between worms and viruses Virus Worm Must attach itself to a computer document Spreads by traveling along with the document Requires action by computer user to begin execution Worm Does not attach to a document to spread Can travel by itself Needs user to perform an action Security Awareness: Applying Practical Security in Your World, 2e

Logic Bombs Computer programs that lay dormant until triggered by a specific logical event Once triggered Can perform various malicious activities Extremely difficult to detect before triggered Security Awareness: Applying Practical Security in Your World, 2e

Basic Attacks Social engineering Password guessing Physical theft or lost data Improper use of recycled computers Security Awareness: Applying Practical Security in Your World, 2e

Social Engineering Relies on tricking and deceiving someone to access a system Dumpster diving Digging through trash receptacles to find Computer manuals Printouts Password lists Security Awareness: Applying Practical Security in Your World, 2e

Password Guessing Password Characteristics of weak passwords Secret combination of letters and numbers that validates or authenticates a user Characteristics of weak passwords Passwords that are short Common word used as a password Using the same password for all accounts Personal information in a password Security Awareness: Applying Practical Security in Your World, 2e

Security Awareness: Applying Practical Security in Your World, 2e

Password Guessing (continued) Brute force Attacker attempts to create every possible password combination Dictionary attack Attacker takes each word from dictionary and encodes it Attacker then compares the encoded dictionary words against those in the encoded password file Security Awareness: Applying Practical Security in Your World, 2e

Security Awareness: Applying Practical Security in Your World, 2e

Physical Theft or Lost Data February 2005 Bank of America lost computer backup tapes Containing personal information on about 1.2 million charge card users May 2005 AOL reported that information on 600,000 current and former employees was missing June 2005 Citigroup announced that personal information on 3.9 million consumer lending customers of its CitiFinancial subsidiary was lost or stolen Security Awareness: Applying Practical Security in Your World, 2e

Improperly Recycled Computers Many organizations and individuals recycle older computers by giving them to schools, charities, or selling them online Deleting files does not remove the information Only deletes filename from hard disk table Even reformatting a drive, or preparing the hard drive to store files, may not fully erase data on it Security Awareness: Applying Practical Security in Your World, 2e

Desktop Defenses Patch software Microsoft Windows operating system Software security updates Microsoft Windows operating system Most frequently distributed patch software Microsoft Releases patches on second Tuesday of every month Typically releases 5-15 software patches for download and installation Security Awareness: Applying Practical Security in Your World, 2e

Desktop Defenses (continued) Microsoft classifies patches based on level of vulnerability that patch fixes Critical Important Moderate Low Security Awareness: Applying Practical Security in Your World, 2e

Desktop Defenses (continued) Update configuration options Automatic Download Notify Turnoff Security Awareness: Applying Practical Security in Your World, 2e

Security Awareness: Applying Practical Security in Your World, 2e

Antivirus Software Best defense against viruses Generally configured to Constantly monitor for viruses Automatically check for updated signature files Allows for manual signature updates Security Awareness: Applying Practical Security in Your World, 2e

Security Awareness: Applying Practical Security in Your World, 2e

Security Awareness: Applying Practical Security in Your World, 2e

Strong Authentication Methods Basic rules for creating strong passwords Passwords must have at least eight characters Passwords must contain a combination of letters, numbers, and special characters Passwords should be replaced every 30 days Passwords should not be reused for 12 months Same password should not be used on two or more systems or accounts Security Awareness: Applying Practical Security in Your World, 2e

Security Awareness: Applying Practical Security in Your World, 2e

Strong Authentication Methods (continued) Biometrics Uses unique human characteristics for authentication Most common biometric device Fingerprint scanner High-end scanners Relatively expensive Can be difficult to use Can reject authorized users while accepting unauthorized users Security Awareness: Applying Practical Security in Your World, 2e

Security Awareness: Applying Practical Security in Your World, 2e

Protecting Laptop Computers Device lock Consists of a steel cable and a lock Economical, simple and quick to install Very portable Stealth signal transmitter Software installed on laptop that cannot be detected Security Awareness: Applying Practical Security in Your World, 2e

Security Awareness: Applying Practical Security in Your World, 2e

Cryptography Science of transforming information So that it is secure while being transmitted or stored Does not attempt to hide the existence of data Scrambles data so that it cannot be viewed by unauthorized users Security Awareness: Applying Practical Security in Your World, 2e

Cryptography (continued) Encryption Changing original text to secret message using cryptography Decryption Changing secret message back to its original form Security Awareness: Applying Practical Security in Your World, 2e

Public and Private Keys Private key system Same key is used to encrypt and decrypt message Public key system Two mathematically related keys are used Public key and a private key Security Awareness: Applying Practical Security in Your World, 2e

Security Awareness: Applying Practical Security in Your World, 2e

Security Awareness: Applying Practical Security in Your World, 2e

Digital Signatures Digital signature Code attached to an electronic message that helps to prove that Person sending message with public key is not an imposter Message was not altered Message was sent Encrypted hash of a message that is transmitted along with message Security Awareness: Applying Practical Security in Your World, 2e

Digital Signatures (continued) Hash Creates encrypted text that is never intended to be decrypted Used in a comparison for authentication purposes Security Awareness: Applying Practical Security in Your World, 2e

Security Awareness: Applying Practical Security in Your World, 2e

Security Awareness: Applying Practical Security in Your World, 2e

Digital Certificates Link or bind a specific person to a public key Provided by a certification authority (CA) Public key that has been digitally signed by a recognized authority (the CA) Attesting that owner of the key is not an imposter Security Awareness: Applying Practical Security in Your World, 2e

Properly Retiring Old Computers Files that should be removed when selling or donating an old computer E-mail contacts E-mail messages All personal documents All files in the recycle bin or trash folder Internet files All nontransferable software Security Awareness: Applying Practical Security in Your World, 2e

Recovering from Attacks Major steps to take when preparing for an attack Back up your data Back up system information Creating a data backup involves Copying data onto digital media Storing it in a secure location Security Awareness: Applying Practical Security in Your World, 2e

Recovering from Attacks (continued) Questions when creating a data backup What information should be backed up? How often should it be backed up? What media should be used? Where should the backup be stored? How should the backup be performed? Security Awareness: Applying Practical Security in Your World, 2e

Saving Automated System Recovery (ASR) Data Windows XP Automated System Recovery (ASR) Includes an ASR backup and ASR restore ASR backup records System state System services All disks associated with operating system components Security Awareness: Applying Practical Security in Your World, 2e

Restoring the Computer To recover from an attack using ASR Insert original operating system installation CD into the CD drive Restart computer Press the F2 key when prompted Insert the ASR floppy disk when prompted Follow remaining directions on the screen Security Awareness: Applying Practical Security in Your World, 2e

Clean up the Attack Microsoft Windows Malicious Software Removal Tool Helps remove infections by specific malware When done, displays a report describing outcome Security Awareness: Applying Practical Security in Your World, 2e

Restore Data from Backups Most vendors Provide an automated wizard that guides user through process of restoring files After any successful attack Analyze why attack got through defenses Security Awareness: Applying Practical Security in Your World, 2e

Summary Malicious software Social engineering Patch software Programs designed to break into or create havoc on desktop computers Social engineering Relies on trickery and deceit Is considered a basic attack Patch software Describes software security updates Security Awareness: Applying Practical Security in Your World, 2e

Summary (continued) Strong passwords Important defense mechanism against attackers Important to perform regular data backups If a computer becomes infected with malware Remove computer from network Try to reboot computer Security Awareness: Applying Practical Security in Your World, 2e

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.