A+ Guide to IT Technical Support, 9th Edition


1 A+ Guide to IT Technical Support, 9th Edition
Chapter 18 Security Strategies

2 Objectives
- Secure a Windows personal computer
- Secure a mobile device
- Implement additional security techniques to protect a computer or SOHO network and its resources
- Recognize, remove, and protect personal computers against malicious software

3 Objectives
- Recognize, remove, and protect mobile devices against malicious software
- Follow company policies to address issues of software copyright infringement and violations of prohibited content or activities

4 Securing a Windows Personal Computer
- Two goals in securing network resources:
  - To protect resources
  - To not interfere with the functions of the system
- Sometimes these two goals are in conflict with each other

5 Use Windows to Authenticate Users
- Controlling access to computer resources is done by:
  - Authentication
    - Proves that an individual is who he says he is
  - Authorization
    - Determines what an individual can do in the system after authentication
- Assign a password to each account created
  - Best to give user the ability to change the password

6 Use Windows to Authenticate Users
- Require Secure Sign-in
  - Normally, a user clicks name and enters password from Welcome screen
  - Malware can sometimes intercept and trick users into providing user accounts and passwords
  - More secure method requires user to press Ctrl+Alt+Del to get to logon
  - The User Accounts utility (Network Places Wizard) can be used to change the way Windows sign-in works

7 Use Windows to Authenticate Users
Figure 18-3 Change the way users log onto Windows

8 Use Windows to Authenticate Users
- Lock a Workstation
  - Quickest way to lock a workstation is to press Win+L
  - Another method is to press Ctrl+Alt+Delete
    - User clicks Lock
  - To unlock, user must enter password
- Disable the Guest account
  - Disabled by default and should remain disabled
  - To set up an account for visitors, create a standard account and name it Visitor

9 Use Windows to Authenticate Users
- Create strong passwords
  - Not easy to guess by humans and computer programs
- Criteria
  - Use eight or more characters
  - Combine uppercase and lowercase letters, numbers, symbols
  - Use at least one symbol in the second through sixth positions
  - Do not use consecutive letters or numbers, adjacent keyboard keys, your logon name, words in any language
  - Do not use same password for more than one system
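
The criteria on this slide can be checked mechanically. The following Python check is an added example, not part of the original presentation; the run length of three, the small sample word list, the character-substitution table and all function names are assumptions. The rule about not reusing a password on another system cannot be verified locally and is not covered.

```python
import string

# Constructed sample list (assumption); a real check would load a full
# dictionary plus a list of known-breached passwords.
SAMPLE_WORDS = {"password", "welcome", "dragon", "monkey", "letmein", "summer"}

KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")
RUN_LENGTH = 3  # assumption: three or more characters in a row count as a run

# Common character substitutions undone before the dictionary check (assumption).
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l",
                      "3": "e", "$": "s", "5": "s", "7": "t"})


def _has_sequential_run(pw, n=RUN_LENGTH):
    """True if pw contains n ascending or descending letters or digits (abc, 321)."""
    low = pw.lower()
    for i in range(len(low) - n + 1):
        chunk = low[i:i + n]
        if not (chunk.isalpha() or chunk.isdigit()):
            continue
        steps = {ord(b) - ord(a) for a, b in zip(chunk, chunk[1:])}
        if steps == {1} or steps == {-1}:
            return True
    return False


def _has_keyboard_run(pw, n=RUN_LENGTH):
    """True if pw contains n keys that sit side by side on one keyboard row."""
    low = pw.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - n + 1):
                if seq[i:i + n] in low:
                    return True
    return False


def check_password(pw, logon_name, words=SAMPLE_WORDS):
    """Return the list of failed criteria; an empty list means every check passed."""
    failures = []
    if len(pw) < 8:
        failures.append("shorter than eight characters")

    classes = {
        "uppercase letter": any(c.isupper() for c in pw),
        "lowercase letter": any(c.islower() for c in pw),
        "number": any(c.isdigit() for c in pw),
        "symbol": any(c in string.punctuation for c in pw),
    }
    failures += [f"missing {name}" for name, ok in classes.items() if not ok]

    # Positions two through six are indexes 1..5.
    if not any(c in string.punctuation for c in pw[1:6]):
        failures.append("no symbol in positions two through six")

    if _has_sequential_run(pw):
        failures.append("consecutive letters or numbers")
    if _has_keyboard_run(pw):
        failures.append("adjacent keyboard keys")
    if logon_name and logon_name.lower() in pw.lower():
        failures.append("contains logon name")

    # Check both the literal text and the text with substitutions undone,
    # so "P@ssw0rd" is still recognised as "password".
    low = pw.lower()
    plain = low.translate(LEET)
    if any(w in low or w in plain for w in words):
        failures.append("contains dictionary word")
    return failures


if __name__ == "__main__":
    # Constructed sample inputs.
    for candidate in ("Password1", "P@ssw0rd!", "Qwerty#123", "Tr#9vKm2pLz"):
        print(candidate, "->", check_password(candidate, "jsmith") or "ok")
```

Meeting the character-class rules alone is not enough: "P@ssw0rd!" satisfies length, mix and symbol position but is still rejected as a dictionary word once the substitutions are undone.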

10 File and Folder Encryption
- In Windows, files and folders can be encrypted using Windows Encrypted File System (EFS)
  - Works only with the NTFS file system and business/professional editions of Windows
- If a folder is marked for encryption, every file created in or copied to the folder will be encrypted
- An encrypted file remains encrypted if moved to an unencrypted folder

11 File and Folder Encryption
Figure 18-9 Encrypt a folder and all its contents

12 Windows Firewall Settings
- A router can serve as a hardware firewall
- In addition, a large corporation might use a software firewall (called corporate firewall) installed on a computer between Internet and the network
- A personal firewall (also called host firewall) is software on a computer to protect that computer
- Windows Firewall is a personal firewall that protects a computer
  - Automatically configured when you set up your security level for a new network connection
  - Can also customize the settings

13 Windows Firewall Settings
Figure Three types of firewalls used to protect a network and individual computers on the network

14 Local Security Policies Using Group Policy
- Group Policy: controls what users can do with a system and how the system is used
  - Available with business and professional editions of Windows
  - Can set security policies to help secure a workstation
  - Example: require all users to have passwords and to rename default user accounts

15 Use BitLocker Encryption
- Encrypts entire Windows volume and any other volume on the drive
  - Works in partnership with file and folder encryption
- Three ways to use BitLocker Encryption
  - Computer authentication
    - Computer has a chip on motherboard called TPM (Trusted Platform Module) that holds BitLocker key
    - If hard drive is stolen, BitLocker would not allow access without BitLocker key
  - User authentication – startup key stored on USB drive
  - Computer and user authentication – PIN or password required at every startup

16 Use BitLocker Encryption
- Provides great security at a price
  - Risk the chance of TPM failure
  - Risk losing all copies of the BitLocker (startup) key
- Use BitLocker only if the risks of BitLocker giving problems outweigh the risk of stolen data

17 Use UEFI/BIOS Features to Protect the System
- UEFI/BIOS security features
  - Power-on passwords
    - Supervisor password – required to change BIOS setup
    - User password – required to use the system or view UEFI/BIOS setup
    - Drive lock password – required to access the hard drive
      - Stored on the hard drive so it will still control access to drive in the event the drive is removed
- Some laptops contain LoJack technology on motherboard
  - If software is installed, laptop can be tracked

18 Use UEFI/BIOS Features to Protect the System
Figure Submenu shows how to set a hard drive password that will be written on the drive

19 Securing a Mobile Device
- Need to secure the following on a smart phone or tablet:
  - Data
  - Videos and photos
  - Network connection settings
  - Purchasing patterns and history (as well as credit card information)

20 Device Access Controls
- Consider the following lock methods:
  - Android screen lock
  - iOS screen lock
  - Biometric authentication
  - Full device encryption
  - Restrict iOS failed login attempts
  - Restrict Android failed login attempts
  - Multifactor authentication

21 Software Security
- Software methods to secure mobile data:
  - OS updates and patches
  - Antivirus/anti-malware
  - Trusted sources
  - Firewalls
  - Android locator application and remote wipe
  - iOS locator application and remote wipe

22 Mobile Security in Corporate Environments
- BYOD (Bring Your Own Device)
  - An employee or student is allowed to connect their own device to the corporate network
- For security purposes
  - Organization configures a person’s device before allowing it to connect to the network (a process called on-boarding)
  - Reverse process is called off-boarding

23 Mobile Security in Corporate Environments
- Facts about on-boarding/off-boarding:
  - On-boarding might include installing an app on a device
  - On-boarding might install a remote backup application
    - Remotely backs up data to a company’s file server
  - Off-boarding might include the ability to perform a remote wipe on a device that is lost or stolen
  - Two examples of software that support on-/off-boarding: Microsoft Exchange server and Google Apps Mobile Management software

24 Additional Methods to Protect Resources
- In this part of chapter, you will learn:
  - To securely authenticate users on a large network
  - Physically protect computer resources
  - Destroy data before you toss out a storage device
  - Educate users to not compromise security measures in place

25 Authenticate Users For Large Networks
- Security Tokens and Smart Cards
  - Small device containing authentication information
  - Most popular type of token is a smart card
  - Keyed into a logon window by a user
  - Read by a smart card reader
  - Transmitted wirelessly
- Variations of smart cards
  - Key fob
  - Wireless token
  - Memory stripe card
  - Cell phone with token

26 Authenticate Users For Large Networks
Figure Smart card is read by a smart card reader

27 Authenticate Users For Large Networks
- Biometric data
  - Validates the person’s physical body
  - Biometric device - input device that inputs biological data about a person which can identify a person’s
- Forms of biometric data:
  - Fingerprints
  - Retinal scans (scans part of the eye)
  - Handprints
  - Face recognition
  - Voice recognition

28 Physical Security Methods and Devices
- Best practices for physical security:
  - Keep really private data under lock and key
  - Lock down the computer case
  - Use lock and chain
    - To physically tie computer to a desk or other permanent fixture
  - Privacy filters
    - Fits over the screen to prevent it from being read from a wide angle

29 Physical Security Methods and Devices
- Best practices for physical security (cont’d):
  - Use a theft-prevention plate
    - Embed it into the case or engrave your ID information into it
  - Mantrap and security guard
    - Consists of two doors on either end of a small entryway
    - First door must close before second door can open
    - Separate form of ID might be required for each door
    - Security guard might maintain an entry control roster
      - List of authorized people

30 Digital Security Methods and Resources
- Windows Firewall is an example of digital-based security
- Additional software security measures:
  - VPN (Virtual Private Network)
  - Email filtering
  - Trusted software sources
  - Access control lists (ACLs)

31 Unified Threat Management (UTM) Appliance
- Next-generation firewall (NGFW) combines firewall software with antivirus/anti-malware software
  - Can offer comprehensive Unified Threat Management (UTM) services
- UTM appliance stands between the Internet and a private network and protects the network
  - Also called a security appliance, network appliance, or Internet appliance

32 Unified Threat Management (UTM) Appliance
- A UTM appliance might offer:
  - Firewall
  - Antivirus and anti-malware software
  - Identity-based access control lists
  - Intrusion detection system (IDS)
  - Intrusion prevention system (IPS)
  - VPN

33 Unified Threat Management (UTM) Appliance
Figure A UTM appliance is considered a next-generation firewall that can protect a private network

34 Data Destruction and Disposal
- Ways to destroy printed documents and sanitize storage devices:
  - Use a paper shredder
  - Overwrite data on the drive
  - Physically destroy the storage media
  - For magnetic devices, use a degausser
    - Exposes a storage device to a strong magnetic field to completely erase data
  - For solid-state devices, use a Secure Erase utility
  - Use a secure data-destruction service

35 Data Destruction and Disposal
Figure Use a degausser to sanitize a magnetic hard drive or tape

36 Educate Users
- Important security measures for users
  - Never give out passwords to anyone
  - Do not store passwords on a computer
  - Do not use same password on more than one system
  - Be aware of shoulder surfing
    - Other people peek at your monitor screen
  - Lock down your workstation each time you step away
  - Be on the alert for tailgating
    - When someone who is unauthorized follows the employee through a secured entrance
    - Also when someone continues to use a Windows session

37 Educate Users
- Social engineering techniques
  - Don’t forward an email hoax
    - Sites to help you debunk a virus or hoax:
      - snopes.com
      - securelist.com
      - virusbtn.com
  - Phishing: a type of identity theft where the sender of an email scams you into responding with personal data
  - An email message might contain a link that leads to a malicious script

38 Educate Users
Figure This phishing technique using an email message with an attached file is an example of social engineering

39 Educate Users
- Commonsense rules to protect a laptop:
  - Always know where your laptop is
  - Never check in your laptop as baggage
  - Never leave in overhead bins, keep at feet
  - Never leave a laptop in an unlocked car or hotel room
    - Use a laptop cable lock to secure to table if you must leave it in a hotel room
  - When at work, lock your laptop in a secure place

40 Dealing With Malicious Software on Personal Computers
- Malicious software (malware, computer infestation)
  - Any unwanted program that means harm
  - Transmitted to a computer without user’s knowledge
- Grayware
  - Any annoying and unwanted program
  - Might or might not mean harm

41 What Are We Up Against?
- Viruses
  - Replicates by attaching itself to other programs
  - Program might be an application, macro, Windows system file, or a boot loader program
- Spyware software
  - Spies on user and collects personal information
  - An example: Keylogger
    - Tracks all keystrokes

42 What Are We Up Against?
- Worms
  - Copies itself throughout a network or the Internet without a host program
  - Overloads the network
- Trojans
  - Does not need a host program to work
  - Substitutes itself for a legitimate program
  - Often downloaded from a web site or a user is tricked into opening an attachment

43 What Are We Up Against?
- Rootkit
  - Virus that loads itself before the OS boot is complete
  - Can hide folders that contain software it has installed
  - Can hijack internal Windows components so it masks information Windows provides to user mode utilities
- Ransomware
  - Holds your computer system hostage until you pay money
- Zero-day attack
  - Can happen when a hacker discovers a security hole

44 What Are We Up Against?
- Man-in-the-middle attack
  - Attacker presents a program or himself as someone else to obtain private information
- Zombies and botnets
  - Zombie is a computer that has been hacked
    - Hacker uses the computer to run repetitive software in the background
  - Botnet is an entire network of zombies
- Dictionary attack
  - Used to crack a long password by trying words in a dictionary

45 What Are We Up Against?
- Non-compliant systems and violations of security best practices
  - Microsoft System Center is used to remotely configure computers and monitor their configurations
  - Administrators can view reports to look for non-compliant systems that violate security best practices
    - Such as out-of-date anti-malware software

46 Step-By-Step Attack Plan
- Step 1: Identify Malware Symptoms
  - Pop-up ads and browser redirection
  - Rogue antivirus software
  - Slow performance or lock ups
  - Internet connectivity issues, application crashes, and OS updates fail
  - Problems with files
  - Email problems
  - Can’t update anti-malware software
  - Invalid digital certificates

47 Step-By-Step Attack Plan
- Step 2: Quarantine an Infected System
  - Prevent spreading of malware
  - Immediately disconnect from network or turn off the wireless adapter
  - Download antivirus software
    - Disconnect other computers while infected computer connected
    - Connect infected computer directly to the ISP
    - Boot into Safe Mode with Networking
  - Before cleaning up infected system back up data to another media

48 Step-By-Step Attack Plan
- Step 3: Disable System Restore
  - Some malware hides its program files in restore points in the System Volume Information folder maintained by System Protection
  - If System Protection is on, anti-malware software can’t clean this protected folder
  - To get rid of malware, turn off System Protection

49 Step-By-Step Attack Plan
- Step 4: Remediate the Infected System
  - Before selecting AV software, read reviews and check out reliable web sites that rate AV software

Table Antivirus software and websites

50 Step-By-Step Attack Plan
- Step 4: Remediate the Infected System (cont’d)
  - Run anti-malware software already installed
    - Update software and perform a full scan
  - Run anti-malware software from a networked computer
  - Install and run anti-malware software on the infected computer
  - Install and run anti-malware software in Safe Mode
  - Run anti-malware software from a bootable rescue CD or flash drive

51 Step-By-Step Attack Plan
- Step 4: Remediate the Infected System (cont’d)
  - Clean Up What’s Left Over
    - Respond to any startup errors
    - Research malware types and program files
    - Delete files
    - Clean the registry
    - Clean up Internet Explorer and uninstall unwanted programs

52 Step-By-Step Attack Plan
- Step 5: Protect the System with Scheduled Scans and Updates
  - Use anti-malware software
  - Always use a software firewall
  - Keep Windows updates current
- Step 6: Enable System Protection and Create a Restore Point
  - Once system is clean

53 Step-By-Step Attack Plan
Step 7: Educate the User
- Go over with the user some tips presented earlier in this chapter to keep the system free from malware

54 Dealing with Malicious Software on Mobile Devices
- This section covers how to deal with malicious software on mobile devices
- Begin by learning how to recognize an infected device

55 Common Mobile Device Malware Symptoms
Symptoms that malware might be at work on an Android, iOS, or Windows Phone device:
- Battery drain, slow speeds, leaked data, strange text messages, and data transmission over limits
- Dropped phone calls or weak signal
- Unintended Wi-Fi and Bluetooth connections
- Unauthorized account access
- Unauthorized location tracking
- Unauthorized use of camera or microphone

56 Common Mobile Device Malware Symptoms
Symptoms that malware might be at work on an Android, iOS, or Windows Phone device (cont’d):
- Unauthorized root access
  - Jailbroken iOS device
  - Rooted Android device
  - Rooted Windows Phone

57 Mobile Device Tools and Malware Removal
General steps for removing malware:
- Uninstall the offending app
- Update the OS
- Remove root access to the device
  - Unroot with the app that was used to root the device
  - Download a root removal app
- Factory reset

58 Mobile Device Tools and Malware Removal
After removing malware:
- Don’t jailbreak or root a device and keep OS updates current
- Educate users about importance of privacy settings and of not opening attachments
- Consider installing an anti-malware app
Wi-Fi Analyzers
- Can be used to detect devices not authorized to use the network, identify attempts made by connected devices to hack transmissions, and identify their physical location

59 Mobile Device Tools and Malware Removal
Cellular Network Analyzers
- Used to monitor cellular networks for signal strength of cell towers, WAPs, and repeaters
- Can also monitor for interference, performance, and voice and data transmissions

60 Software Licensing and Prohibited Content or Activity
- Many organizations have a code of conduct that applies to employees and/or customers
- Part of a technician’s job might include keeping track of software licensing to ensure that a company is not using pirated software
  - Must ensure that unauthorized copies of original software are not being produced (software piracy)
- When you start a new job, find out how to deal with prohibited content or activity

61 Software Licensing and Prohibited Content or Activity
Things you need to know:
- Go through the proper channels when you suspect an infringement of the law
- What data or device should you preserve as evidence for what you believe has happened?
- What documentation are you expected to submit and to whom is it submitted?
- Proper documentation surrounding the evidence of a crime is crucial to a criminal investigation

62 Summary
- The netplwiz command can be used to require a user to press Ctrl+Alt+Del to log on to Windows
- Windows power settings can be used to lock down a workstation after inactivity and require a password to unlock the workstation
- Encrypted File System (EFS) is used with an NTFS volume in Windows business and professional versions
- Windows Firewall, Group Policy, BitLocker Encryption, and UEFI/BIOS security features can all be used to help secure a computer and its data

63 Summary
- Large networks might use smart cards and biometric data to authenticate a user
- Physical security can include a locked door, lock and chain, or privacy filter
- Data can be destroyed using a paper shredder, low-level format, drill, degausser, or Secure Erase utility
- Educate users against social engineering and how to best protect a laptop when traveling

64 Summary
- Malware includes a virus, spyware, keylogger, worm, Trojan, rootkit, ransomware, zero-day attack, man-in-the-middle attack, zombies, botnets, and dictionary attacks
- Malware symptoms include pop-up ads, slow performance, error messages, file errors, spam, and strange processes running
- When you suspect a computer is infected, immediately quarantine it

65 Summary
- Symptoms of malware on mobile devices include battery drain, slow speeds, leaked data, dropped calls, and unintended Wi-Fi and Bluetooth connections, location tracking, unauthorized use of camera or microphone, and root access
- Commercial licensing of software can be a personal license or enterprise license
- A chain-of-custody document provides a paper trail of evidence in a criminal case

