PC Support & Repair Chapter 12 Security


1 PC Support & Repair Chapter 12 Security
9 days including study guide and test

2 Objectives
After completing this chapter, you will meet these objectives:
- Explain why security is important.
- Describe security threats.
- Identify security procedures.
- Identify common preventive maintenance techniques for security.
- Troubleshoot security.
This chapter reviews the types of attacks that threaten the security of computers and the data contained on them. A technician is responsible for the security of data and computer equipment in an organization. You will learn how to work with customers to ensure that the best possible protection is in place. To successfully protect computers and the network, a technician must understand both physical and data threats.

3 Security threats 12.1

4 Malware
- Any software created to perform malicious acts
- Adware, spyware, grayware, viruses, worms, Trojan horses, rootkits
- Usually installed without user knowledge
- Opens extra windows, changes computer’s config, redirects browser, collects info, etc.

5 Type of Malware: VIRUS
- Transferred through email, flash drives, file transfers, IM
- When file is accessed, virus executes

6 Type of Malware: TROJAN HORSE
- Looks ok but has malicious code
- Often in free online games
- Can open a hole in software for an attack
Example: You download a free game on your phone and then your phone starts dialing random numbers or downloads weird stuff on its own.

7 Type of Malware: WORMS
- Self-replicating program
- Duplicates across network w/out you knowing
- Doesn’t need to attach to program
- Ties up network bandwidth & prevents users from doing normal stuff
- Gets in from unpatched software
Worms typically spread by automatically exploiting known vulnerabilities in legitimate software.

8 Type of Malware: ADWARE
- Displays ads on computer
- Usually in pop ups
- Pops up faster than you can close
- Comes in software you download

9 Type of Malware: SPYWARE
- Software installed w/out you knowing
- Intercepts & collects data; gets passwords
- Gathers info about you & sends it to someone else w/out your consent
- Gathers browsing data
- Steals personal or financial info
After spyware is installed and run, it monitors activity on the computer. The spyware then sends this information to the individual or organization responsible for launching the spyware.

10 Type of Malware: RANSOMWARE
- Similar to adware
- Denies access to computer
- Demands a paid ransom to get PC control back

11 Type of Malware: ROOTKITS
- Gains administrator-level access to computer
- Uses known vulnerability or password to get admin access
- Very difficult to detect; almost invisible to anti-malware software
- Has the rights to control and modify security programs
- Installed in the boot sector
- BIOS boots system from rootkit
- Thinks rootkit is the OS
- Rootkit runs in RAM
- May have to reinstall OS to get rid of it
Since it runs in RAM before the OS boots, it’s completely invisible to anti-malware

12 Solution to Malware
- To detect, disable, and remove malware before it infects a computer, always use antivirus software, antispyware, and adware removal tools
- These software programs become outdated quickly
- It is the responsibility of the technician to apply the most recent updates, patches, and virus definitions as part of a regular maintenance schedule
- Many organizations establish a written security policy stating that employees are not permitted to install any software that is not provided by the company.

13 Activity

14 Activity- ANSWERS

15 Review- 5Q
Q: What type of threat installs software on your PC to monitor your activity?
A: Spyware
Q: What is the most difficult threat to protect against because it installs in the boot sector?
A: Rootkit
Q: What places ads on the desktop without you doing anything?
A: Adware
Q: Name two types of malware.
A: Adware, spyware, virus, worm, Trojan, rootkit
Q: What program is self-replicating?
A: Worm

16 Review- 4Q
Q: Which attack comes by email and directs you to a web page to enter personal info?
A: Phishing
Q: Which software is installed on your computer w/out your knowing when you download a program and it displays product “windows” on the screen?
A: Adware
Q: What ties up the network’s bandwidth?
A: Worm
Q: How do you make sure your AV software can protect you from the latest viruses?
A: Download the latest virus updates

17 Threat: PHISHING
- Email, phone, or text to get personal or financial information
- Can also be used to persuade users to unknowingly install malware on their computers
- Looks legit
- Bank
- Asks to verify password or account to prevent something bad from happening
- Through link to real-looking web page
- Spear phishing: when a phishing attack is targeted at a specific individual or organization
Organizations must educate their users regarding phishing attacks. There is rarely a need to provide sensitive personal or financial information online. Legitimate businesses will not ask for sensitive information through email. Be suspicious. When in doubt, make contact by mail or phone to ensure the validity of the request.

18 Threat: SPAM
- Unsolicited junk mail
- Can be for ads or include harmful links or malware
- Goal is to get sensitive info
- Sent out by compromised PCs to others
- Reduced by ISP filter, antivirus software, programs that filter it
- Watch for email with:
  - No subject line
  - Misspelled words & strange punctuation
  - Long, cryptic hyperlinks
  - Request to open an attachment
Organizations must also make employees aware of the dangers of opening attachments that may contain a virus or a worm. Do not assume that attachments are safe, even when they are sent from a trusted contact. The sender’s computer may be infected by a virus that is trying to spread itself. Always scan attachments before opening them.

19 Threat: (DoS) DENIAL OF SERVICE ATTACK
- Overload a system so it can’t do its normal work
- Crash or flood server
- Regular Example: You go to bank to cash a check
  - Bank is filled with people who don’t even have a bank account
  - They are just there to disrupt normal service
- Prevents users from accessing services on network; system is busy responding to the large amounts of requests; resources get overloaded & shut down
- PING OF DEATH: many, large pings
- EMAIL BOMB: large amounts of bulk email overload server

20 Threat: (DDOS) DISTRIBUTED DENIAL OF SERVICE ATTACK
- Uses infected “zombie” or “botnet” computers to launch attacks
- Zombies are all over the place; can’t trace
- Botnets are used to accept and pass on attacks/viruses.

21 Threat: SYN FLOOD
- A SYN request initializes TCP communication
- Ties up the server bc it replies to nothing
- Others are denied service

22 Threat: SPOOFING
- Computer pretends to be a trusted computer to gain access to resources
- IP spoofing- hiding the source IP
- MAC spoofing- mainly used in wireless networks to avoid MAC filtering

23 Threat: MAN-IN-THE-MIDDLE ATTACK
- Intercepting communications between computers to steal information traveling through the network
- Could also be used to manipulate messages and relay false information between hosts

24 Threat: REPLAY ATTACK
- Hacker sniffs packets to get authentication info
- Then hacker uses info to connect to server
- Replay attack- server thinks it’s the last client & will connect

25 Threat: DNS POISONING
- DNS records are changed to point to imposter server
- User attempts to access a legitimate site, but traffic is diverted to an imposter site
- Imposter site used to capture confidential information, such as usernames and passwords

26 Threat: ZERO DAY ATTACK
- A hole in software that is unknown to the vendor
- Security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it

27 THREAT: SOCIAL ENGINEERING
- An attempt to fraudulently get sensitive info from users
- Usernames, passwords, credit card #, account #, ss #, etc.
- They pretend to be a trustworthy person

28 Social Engineering Techniques
- Pretexting: pretends to need personal info to confirm identity of recipient
- Phishing
- Spear Phishing: targeted phishing attack
- Tailgating: following an authorized person into secure area
There’s also:
- Shoulder surfing: looking over someone’s shoulder to get the info
- Eavesdropping: listening to conversations to get the info
- Dumpster diving: looking for trash with info on it

29 Attack!

30 Attack again!

31 What’s your password?

32 Preventing Social Engineering Attacks
- The end user is the weak link
- Teach users:
  - Never give out your login credentials
  - Never post credential information in your work area
  - Lock your computer when you leave your desk
  - Implement an access or entry control roster listing who is permitted in
  - Do not let anyone follow you through a door that requires an access card
  - Always ask for the ID of unknown persons
  - Restrict access to visitors
  - Escort all visitors

33 Activity- NOT ALL ARE USED

34 Activity- ANSWERS

35 Review- 4Q
Q: What kind of attack uses zombie computers to attack another system?
A: DDoS
Q: How do DoS and DDoS attack a server?
A: They overload it so the server cannot do its normal functions; possibly crashes
Q: Which attack tricks you into entering your personal info through email and a spoofed web site?
A: Phishing
Q: What attack gets the info before it gets to its destination?
A: Man-in-the-middle

36 Review- 3Q
Q: A visitor at your work looks over your shoulder & sees your password. They then go home & use it to access the network. What is this called?
A: Social engineering
Q: What is the best way to prevent social eng.?
A: Train staff
Q: What kind of attack is when a hole in software is found and is taken advantage of before it gets patched?
A: Zero day attack

37 Security procedures 12.2

38 Create a Security Policy

39 Local Windows Security Policy
- In Active Directory networks, Windows policies are set on server & are active when user logs in
- On stand-alone computers: Control Panel > Administrative Tools > Local Security Policy
- On a domain: use gpedit.msc to edit group policy.
Could search for secpol.msc in Search. Windows 10 Home edition does not come with Local Security Policy. You can save and export the policy.

40 Username & Password
- Change defaults
- Use a standard naming convention for users
  - EX: jsmith
- Don’t use other users’ login info
- BIOS password
- Local PC password
- Network password
2nd to last picture is local security policy password settings.
Password must meet complexity requirements - The password must not contain the user's account name or parts of the user's full name that exceed two consecutive characters. The password must contain three of the following four categories: uppercase letters, lowercase letters, numbers, and symbols.
Store passwords using reversible encryption - Storing passwords using reversible encryption is essentially the same as storing plaintext versions of the passwords. For this reason, this policy should never be enabled unless application requirements outweigh the need to protect password information.
Last picture is Account Lockout Policy:
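
The "Password must meet complexity requirements" rule described on this slide, written out as a checker. This is an added example, not part of the original presentation and not Windows' own code; the function names, the sample user and passwords are constructed, and splitting the full name on spaces and punctuation to find its "parts" is an assumption of this example.

```python
import re
import string

# Delimiters used to split a full name into "parts" (assumption for this example).
NAME_DELIMS = r"[,\.\-_\s#]+"


def category_count(password):
    """Count how many of the slide's four categories appear in the password."""
    checks = (
        any(c.isupper() for c in password),            # uppercase letters
        any(c.islower() for c in password),            # lowercase letters
        any(c.isdigit() for c in password),            # numbers
        any(c in string.punctuation for c in password),  # symbols
    )
    return sum(checks)


def name_violations(password, account_name, full_name):
    """Return name fragments longer than two characters found in the password."""
    lowered = password.lower()
    candidates = [account_name] + re.split(NAME_DELIMS, full_name)
    return [c for c in candidates if len(c) > 2 and c.lower() in lowered]


def check_complexity(password, account_name, full_name):
    """Return the reasons a password fails; an empty list means it passes."""
    problems = []
    if category_count(password) < 3:
        problems.append("fewer than three character categories")
    for part in name_violations(password, account_name, full_name):
        problems.append(f"contains name part '{part}'")
    return problems


# Constructed candidate passwords for the constructed user jsmith / John Smith.
SAMPLES = ["jsmith2024!", "Summer2024", "summer2024", "J0hn-rocks", "Tr4il&Oak"]

if __name__ == "__main__":
    for pw in SAMPLES:
        result = check_complexity(pw, "jsmith", "John Smith")
        print(f"{pw:12} -> {'OK' if not result else '; '.join(result)}")
```

Note that `Summer2024` passes: the complexity rule checks character categories and name reuse only, so it does not by itself reject predictable passwords.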

41 Local Windows Password
- Create a Windows password
- Lock PC when not around it or set screen saver with login

42 Activity TestOut Lab 12.5.4 Configure BIOS/UEFI Security
TestOut Lab Enforce Password Settings

43 Web Security
Browser settings:
- ActiveX Filtering
- Pop-up Blocker
- SmartScreen Filter: detects phishing & malicious items on websites
- InPrivate Browsing: like Chrome’s incognito mode
Internet Explorer uses ActiveX to load other media-rich software applications in the browser. These were reused across sites and if you okay’d one, it could be loaded maliciously from another website.

44 Protect Data
- Software Firewall: allows/denies traffic to & from network
- Smart Card: plastic card with chip; stores information
- Biometrics: fingerprint, eye, facial, etc.
- Key fob

45 Data Backups
- Full weekly or monthly
- Then frequent partial
- Should be stored off-site
- Protect backup with password
- Check to make sure backup is good

46 File and Folder Permissions
Right-click the file or folder and select Properties > Security > Edit…
Level: Description
- Full: Can do everything
- Modify: Change & delete but NOT create new
- Read and Execute: Can see contents & run
- Read: Can see & open
- Write: Can create & make changes

47 File & Folder Encryption- EFS
- EFS (Encrypting File System) in Windows
- Can encrypt files or folders
- Can only be opened by the user who encrypted them or by an administrator
- Right-click on file/folder, Properties, Advanced, Encrypt
- Encrypted files will be green

48 Data Encryption- BitLocker in Windows
- Used to encrypt entire hard drive
- 1st- initialize TPM in BIOS
- 2nd- turn on BitLocker in Control Panel
- Needs a TPM (Trusted Platform Module) on the motherboard to store the encrypted keys OR a flash drive to store the keys
To use BitLocker, at least two volumes must be present on a hard disk. A system volume is left unencrypted and must be at least 100 MB. This volume holds the files required by Windows to boot. TPM is a chip on the motherboard.
Note: BitLocker encryption can also be used with removable drives by using BitLocker To Go. BitLocker To Go does not use a TPM chip, but still provides encryption for the data and requires a password.

49 Hardware Destruction
- Data wiping
  - Used to remove sensitive data
  - Formatting is not enough
  - Overwrites data multiple times
- Hard drive destruction
  - Shatter platters with hammer
  - Shred CDs & floppies
- Hard drive recycling (no sensitive data)
  - Format & reuse or donate
Deleting files from a hard drive does not remove them completely from the computer. The operating system removes the reference to the file in the file allocation table, but the data remains. This data is not completely removed until the hard drive stores other data in the same location, overwriting the previous data.
To wipe data: use data wiping software or a degaussing wand on magnetic drives. An SSD should use Secure Erase. Secure erase software takes a long time to erase a disk. Many programs offer multiple choices for overwriting data. Special patterns of 1s and 0s, mathematical algorithms, random bits, and multiple overwrites can be used.
Degaussing disrupts or eliminates the magnetic field on a hard drive that allows for the storage of data. An electromagnet is a magnet whose magnetic field becomes very strong when a current is applied. A degaussing tool can cost US$20,000 or more, so it is not a practical solution for most users. It takes about 10 seconds to degauss a hard drive, so it can save a lot of time and money if a large number of hard drives need to be securely erased. There are also degaussing wands that can be used for smaller jobs, as shown in Figure 1. A degaussing wand uses powerful magnets instead of electromagnets and costs much less. To use a degaussing wand, a hard drive must be disassembled and the platters exposed to the wand for approximately 2 minutes.

50 Activity

51 Activity- ANSWERS

52 Activity TestOut Lab 12.3.6 Require a Screen Saver Password
TestOut Lab Encrypt Files TestOut Lab Configure the Windows Firewall

53 Review- 3Q
Q: A fingerprint reader is what kind of security?
A: Biometrics
Q: Where should backups be stored?
A: Off-site
Q: The IRS is replacing their computers. What should you do to the old hard drives to protect any sensitive data before you recycle the PCs?
A: Destroy with a hammer or degausser

54 Security techniques 12.2

55 Protection
- Antivirus Software
  - An antivirus program runs automatically in background & monitors for problems
  - When virus is detected, user is warned & program attempts to quarantine or delete virus
- Spyware protection
  - Antispyware programs scan for keyloggers, which capture your keystrokes, and other malware so that it can be removed
- Adware protection
  - Anti-adware looks for programs that display ads on computer
- Phishing protection
  - Antiphishing programs block the IP addresses of known phishing websites and warn you about suspicious websites
Watch out for the Rogue Antivirus software!!!

56 Removing a Virus
- Identify what’s happening
- Disconnect from the network
- Let IT know
- Boot to Safe Mode & scan (or install AV)
  - May need Safe Mode with Networking
- Use other tools
- Delete system restore files after cleaned
- Customer in a hurry?
  - Remove HD & connect to external dock
  - Copy data they need to another PC

57 Signature File Updates
- Get your updates for your AV software
- Auto update

58 Wireless Security
- Disable SSID (Service Set Identifier)
  - Change & disable the broadcast
- MAC address filter
  - Only listed MAC addresses allowed/prevented
- Encrypt & authenticate data
  - WEP (weak)
  - WPA (better)
  - WPA2 (best)
- Turn WPS off (easy brute force attack)
Many routers offer WiFi Protected Setup (WPS). WPS allows very easy WiFi security setup. With WPS, both the router and the wireless device will have a button that, when both are pressed, automatically configures WiFi security between the devices.

59 Review- 4Q
Q: To secure your wireless network you should disable this & enable this…
A: Disable the SSID broadcast; Enable WPA2 encryption
Q: T or F. Passwords should be text only.
Q: T or F. You should set a password lockout rule.
Q: What hardware/software security method on the motherboard supports storing encryption keys, digital certificates, and passwords?
A: TPM

60 Review- 3Q
Q: What was the 1st wireless encryption, which is also the weakest?
A: WEP
Q: What security method has a chip on a card?
A: Smart Card
Q: What wireless security method will ensure ONLY your computers are accessing the network?
A: MAC address filtering

61 Hardware firewalls 12.2

62 Hardware Firewall Configurations
- Integrated into SOHO routers
- Packet filtering
  - Every packet inspected
  - Must match rule for allow or deny
  - Based on protocols/ports in/out
- SPI (Stateful Packet Inspection)
  - Packets must be part of a known connection
- Proxy Server
  - Inspects all packets against rules
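
The difference between packet filtering and SPI on this slide, as a small simulation. This is an added example, not part of the original presentation; the rule format, class and function names, addresses and ports are all constructed for illustration.

```python
from collections import namedtuple

# direction is "out" (LAN -> Internet) or "in" (Internet -> LAN)
Packet = namedtuple("Packet", "direction proto src_ip src_port dst_ip dst_port")

# Stateless rules: (direction, protocol, port field to match, port, action)
RULES = [
    ("out", "tcp", "dst_port", 443, "allow"),  # LAN may browse HTTPS
    ("in", "tcp", "src_port", 443, "allow"),   # let HTTPS replies back in
]


def packet_filter(pkt, rules=RULES):
    """Packet filtering: each packet is judged alone; first matching rule wins."""
    for direction, proto, field, port, action in rules:
        if (pkt.direction == direction and pkt.proto == proto
                and getattr(pkt, field) == port):
            return action
    return "deny"  # default deny when no rule matches


class StatefulFirewall:
    """SPI: inbound packets must belong to a connection opened from the LAN."""

    def __init__(self, rules=RULES):
        self.rules = rules
        self.connections = set()

    def inspect(self, pkt):
        if pkt.direction == "out":
            verdict = packet_filter(pkt, self.rules)
            if verdict == "allow":
                # Remember the flow so the matching reply can be recognised.
                self.connections.add((pkt.proto, pkt.src_ip, pkt.src_port,
                                      pkt.dst_ip, pkt.dst_port))
            return verdict
        # Inbound: reverse the addresses and look for a known connection.
        key = (pkt.proto, pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        return "allow" if key in self.connections else "deny"


# Constructed traffic using documentation address ranges.
REQUEST = Packet("out", "tcp", "192.168.1.10", 50000, "203.0.113.5", 443)
REPLY = Packet("in", "tcp", "203.0.113.5", 443, "192.168.1.10", 50000)
UNSOLICITED = Packet("in", "tcp", "198.51.100.9", 443, "192.168.1.10", 8080)


def compare():
    """Return (packet filter, SPI) verdicts for each sample packet in order."""
    spi = StatefulFirewall()
    return [(packet_filter(p), spi.inspect(p))
            for p in (REQUEST, REPLY, UNSOLICITED)]


if __name__ == "__main__":
    for name, verdicts in zip(("request", "reply", "unsolicited"), compare()):
        print(name, verdicts)
```

The unsolicited inbound packet satisfies the port-based reply rule, so the packet filter lets it through, while SPI drops it because no LAN host opened that connection.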

63 DMZ Demilitarized Zone
- If you have a server that needs to be accessed from the outside world, place it in a zone that is not in your network
- Prevents attacks from getting in the LAN.

64 Port Forwarding
- Specific ports must be opened so that certain applications can communicate with devices on different networks
- Port forwarding is a rule-based method of directing traffic to a certain device in the network
- Used in gaming or security cameras
- Port triggering will do the same but for a specific device.

65 Activity Packet Tracer Lab Configure Wireless Security

66 Protecting Equipment Physical Access Cable locks Locked rooms
Security cages Alarms Web cams RFID tags Access Multifactor authentication Disable AutoRun & AutoPlay

67 Preventive maintenance for security
12.3

68 Common Preventive Maintenance Techniques
- Download OS service packs & patches
- Make regular data backups
- Enable Windows Firewall & manually add ports
- Maintain accounts
  - Group users; disable employee accounts when they leave; login times, etc.

69 Common problems for security
12.4

70 Common Problems

71 PC Support & Repair Chapter 12 Security
9 days including study guide and test

