Complete CompTIA A+ Guide to PCs, 6e

Slides:



Advertisements
Similar presentations
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Advertisements

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Mr C Johnston ICT Teacher
CIT In this chapter you will learn how to:  Explain the threats to your computers and data  Describe key security concepts and technologies.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.
Chapter 7 HARDENING SERVERS.
PC Support & Repair Chapter 9 Fundamental Security.
Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
Payment Card Industry (PCI) Data Security Standard
Securing a Wireless Network
Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.
Course ILT Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 IT Essentials PC Hardware and Software 4.1 Instructional Resource Chapter.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
PC Support & Repair Chapter 10 Fundamental Security.
A First Course in Information Security
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
I T Essentials I Chapter 9 JEOPARDY.
Chapter 7: Using Windows Servers to Share Information.
Module 4: Add Client Computers and Devices to the Network.
Csci5233 Computer Security1 Bishop: Chapter 27 System Security.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: Security IT Essentials 5.0.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco PublicNew CCNA Jianxin Tang IT 1 V4.0 Ch9. Fundamental Security.
Troubleshooting Windows Vista Security Chapter 4.
Module 14: Configuring Server Security Compliance
Introduction to ITE Chapter 9 Computer Security. Why Study Security?  This is a huge area for computer technicians.  Security isn’t just anti-virus.
1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.
TECHNOLOGY GUIDE THREE Protecting Your Information Assets.
PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.
G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.
Denial of Service (DoS) DoS attacks are aggressive attacks on an individual computer or groups of computers with the intent to deny services to intended.
IT Essentials 1 Chapter 9 JEOPADY RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands.
© 2014 Pearson IT Certification Computer and Network Security.
Module 3 Configuring File Access and Printers on Windows 7 Clients.
Attack and Malicious Code Andrew Anaruk. Security Threats Denial of Service (DoS) Attacks Spoofing Social Engineering Attacks on Encrypted Data Software.
Small Business Security Keith Slagle April 24, 2007.
Network Infrastructure Microsoft Windows 2003 Network Infrastructure MCSE Study Guide for Exam
Wireless and Mobile Security
Cyber Safety Mohammad Abbas Alamdar Teacher of ICT STS Ajman – Boys School.
“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.
Policies and Security for Internet Access
Mr C Johnston ICT Teacher BTEC IT Unit 09 - Lesson 11 Network Security.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Syo-401 Question Answer. QUESTION 1 An achievement in providing worldwide Internet security was the signing of certificates associated with which of the.
Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
NETWORK SECURITY LAB 1170 REHAB ALFALLAJ CT1406. Introduction There are a number of technologies that exist for the sole purpose of ensuring that the.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
By: Brett Belin. Used to be only tackled by highly trained professionals As the internet grew, more and more people became familiar with securing a network.
Network System Security - Task 2. Russell Johnston.
Hardware and software that can provide a good level of security In this presentation I am going to provide advices on hardware and software that needs.
TECHNOLOGY GUIDE THREE
Business Risks of Insecure Networks
Complete CompTIA A+ Guide to PCs, 6e
Unit 27: Network Operating Systems
Chapter Nineteen Security.
Chapter 3: Protecting Your Data and Privacy
Implementing Client Security on Windows 2000 and Windows XP Level 150
Securing Windows 7 Lesson 10.
Cybersecurity and Cyberhygiene
Presentation transcript:

Complete CompTIA A+ Guide to PCs, 6e Chapter 15: Computer and Network Security Complete CompTIA A+ Guide to PCs, 6e © 2014 Pearson IT Certification www.pearsonITcertification.com

Chapter Objectives What is in a security policy Mobile device security methods and devices To perform operating system and data protection How to optimize security for Windows To configure wireless security options Common techniques used when dealing with irate customers © 2014 Pearson IT Certification www.pearsonITcertification.com

CompTIA A+ Exam Objectives Covered in This Chapter 801-1.1: Configure and apply BIOS settings. 801-2.5: Compare and contrast wireless networking standards and encryption types. 801-2.6: Install, configure, and deploy a SOHO wireless/wired router using appropriate settings. 801-2.9: Compare and contrast network devices, their functions, and features. 801-3.3: Compare and contrast laptop features. 801-5.3: Given a scenario, demonstrate proper communication and professionalism. 801-5.4: Explain the fundamentals of dealing with prohibited content/activity. 802-1.1: Compare and contrast the features and requirements of various Microsoft operating systems. 802-1.4: Given a scenario, use appropriate operating system features and tools. © 2014 Pearson IT Certification www.pearsonITcertification.com

CompTIA A+ Exam Objectives Covered in This Chapter 802-1.5: Given a scenario, use Control Panel utilities. 802-1.6: Set up and configure Windows networking on a client/desktop. 802-1.8: Explain the differences among basic OS security settings. 802-1.9: Explain the basics of client-side virtualization. 802-2.1: Apply and use common prevention methods. 802-2.2: Compare and contrast common security threats. 802-2.3: Implement security best practices to secure a workstation. 802-2.4: Given a scenario, use the appropriate data destruction/disposal method. 802-2.5: Given a scenario, secure a SOHO wireless network. 802-2.6: Given a scenario, secure a SOHO wired network. 802-3.3: Compare and contrast methods for securing mobile devices. 802-4.7: Given a scenario, troubleshoot common security issues with appropriate tools and best practices. © 2014 Pearson IT Certification www.pearsonITcertification.com

Security Policy Physical Access Antivirus Acceptable Use Password Email Usage Remote Access Emergency Procedures © 2014 Pearson IT Certification www.pearsonITcertification.com

Physical Security Devices Smart Card Key Fob RFID (Radio Frequency ID) RSA (Rivest Shamir Adleman) Security Token TPM (Trusted Platform Module) Computer Cage Tracking Module Privacy Filter Mantrap © 2014 Pearson IT Certification www.pearsonITcertification.com

Protecting the Operating System and Data File Systems and Security Patches, Updates, and Service Packs Antivirus Encryption BitLocker DEP (Data Execution Prevention) Passwords Auditing Permissions © 2014 Pearson IT Certification www.pearsonITcertification.com

Internet Security Encryption Rootkit Hijacking Spam Cookie Proxy Server Firewall Antivirus and Antispyware Social Engineering Phishing © 2014 Pearson IT Certification www.pearsonITcertification.com

Types of Network Attacks Access ARP (Address Resolution Protocol) Spoofing Backdoor Brute Force DoS (Denial of Service) DDoS (Distributed Denial of Service) Reconnaissance Replay Smurf TCP/IP Hijacking Vulnerability Scanner © 2014 Pearson IT Certification www.pearsonITcertification.com

Security Incidents Virus Spyware or Grayware Phishing Child Exploitation Software Piracy © 2014 Pearson IT Certification www.pearsonITcertification.com

Wireless Authentication and Encryption Open Authentication Shared Key Authentication WEP (Wired Equivalent Privacy) WPA (Wi-Fi Protected Access) WPA2 © 2014 Pearson IT Certification www.pearsonITcertification.com

Soft Skills - Building Customer Trust Trust begins with professionalism in your attire, attitude, written communication, and oral communication. Be honest with the customer. Do not use or discuss any material you see while in a customer area. Do not touch or move things or papers in a customer area. Do what you say you will do. Every time you step into a customer area or talk to a customer, it might lead to a professional reference, a job recommendation, a job lead, or a promotion. Be professional in all that you do. © 2014 Pearson IT Certification www.pearsonITcertification.com

A+ Certification Exam Tips This chapter has information relating to both the 801 and 802 exams and is the most complex chapter because so many security issues need to be experienced in order to know exactly what things to try. As a starting point, be very familiar with the Internet Explorer Internet Options tabs. Review them right before the 802 exam. Be very familiar with wireless security techniques: default usernames, SSID, encryption, SSID broadcasting, MAC filtering, radio power levels, and static IP addressing. Know what to do if you happen across prohibited content/data. Review what to do with security problems such as computer slowdowns, lockups, pop-ups, viruses, malware, and spam. Know the symptoms of a virus and malware. For mobile devices, be able to compare and contrast passcode locks, remote wipes, remote backup applications, failed login attempts restrictions, locator apps, antivirus, and patching/OS updates. © 2014 Pearson IT Certification www.pearsonITcertification.com

Chapter Summary • A security policy guides a company in security matters. The policy defines such things as physical access, antivirus, acceptable usage of devices and data, password policies, email usage guidelines, remote access strategies, and emergency procedures. • Physical security can include door access, key control, authentication methods including the use of smart cards, key fobs, RFID, biometric devices, physical protection of network devices such as servers, APs, switches, and routers, as well as privacy filters. • BIOS security options include configuring a supervisor/user password, disabling unused ports, disabling USB ports, and disabling device options. • To protect the operating system, use NTFS, and have a plan for updating the operating system, web browser, antivirus, antimalware, and antispyware. Encrypt files and folders as necessary. Use BitLocker and TPM technologies, implement a firewall, and disable AutoRun. • If a computer with sensitive data on the hard drive is to be donated, moved, or sold, perform the following: (1) secure erasing, (2) degaussing, and (3) drilling through drive platters and then destroying the pieces with a hammer. © 2014 Pearson IT Certification www.pearsonITcertification.com

Chapter Summary • If virtualization is used, ensure that each virtual machine has adequate protection (firewall, antivirus, antimalware, and antispyware). • Some virus or malware files are quarantined and must be manually deleted. • The Windows guest account should be disabled; the administrator account should be renamed and have a strong password. User accounts provide the amount of administration dictated by what the person needs (principle of least privilege). • Permissions should be assigned appropriately to remotely accessed files and folders. Use either share permissions or NTFS permissions (for more control), but not both on the same network share. If a file is placed in a folder that has permissions, the file inherits the folder permissions. Effective permissions are the bottom-line permissions someone has when group permissions and individual permissions have been granted. • A hijacked browser can cause a different home page to appear, a particular web page to be displayed, a rootkit or other malware to be installed, different DNS settings to be applied, or a new or updated HOSTS file applied. • Email applications now protect against spam, but you can also create rules to block messages from a particular source or subject line. © 2014 Pearson IT Certification www.pearsonITcertification.com

Chapter Summary • Cookies store typed information including sign-ons, sites visited, passwords, and data entered through the web browser. • Internet Explorer can be customized to various levels of alerts and protection. • When a security incident occurs, identify the issue, report it through the proper channels and to the appropriate authorities, and preserve the data by using a chain-of-custody form. • On a wireless network, implement encryption and authentication. Change default SSIDs and passwords. • Secure a mobile device with a PIN, facial recognition, a password, or a passcode/pattern. Secure important data using remote backups to the cloud. Remote data wiping can be configured if the device is compromised or stolen. • When dealing with a customer, a co-worker, or your boss, maintain your professionalism and do everything you can to build trust. © 2014 Pearson IT Certification www.pearsonITcertification.com

© 2014 Pearson IT Certification www.pearsonITcertification.com