Download presentation
Presentation is loading. Please wait.
Published byTracy Morton Modified over 9 years ago
1
Networking Security Chapter 8 powered by dj
2
Chapter Objectives Explain various security threats Monitor security in Windows Vista Explain basic Firewall Use Windows Firewall with Advanced Security Keep your system secure with Windows update Block virus using Antivirus Stop spyware with Windows Defender powered by dj
3
Recall The Internet Protocol (IP) is method or protocol, using which the data transferred from one computer to the other on the Internet Transmission control protocol (TCP) is a connection oriented protocol that provides reliable transport service between both the end systems The TCP/IP services are Dynamic Host Configuration Protocol (DHCP), Domain Name Service,Automatic Private IP Addressing (APIPA), Windows Internet Name Service (WINS) Wireless network uses radio signals frequency to communicate among computers and other network devices powered by dj
4
Identifying Security Threats A security threat can either be residing in the user’s system or enter the system from an outside source Types of Security Threats VirusWormsSpyware powered by dj
5
Question for group discussion – What is Spyware? (2 min) powered by dj
6
User Account Control (UAC) I Helps in preventing unauthorized changes to take place Allows the user to perform common tasks as a standard user without requiring the user to switch users Windows Vista creates tokens that depend upon the user type Types of user StandardAdministrator powered by dj
7
User Account Control (UAC) II UAC prompts identified by the type of application that triggered the prompt These applications can be classified as: System applications Applications blocked by Group Policy or from a blocked publisher Applications not trusted by local computer Applications authenticated and trusted by local computer powered by dj
8
Practical Activity: Demonstrate a procedure to enable UAC. (5 min) powered by dj
9
Monitoring Security in Windows Vista Windows Vista continuously monitors the security status of the system with an application called Windows Security Center Central point of administration of the various security components that are present in the system Represented by a shield icon in the notification area on the taskbar powered by dj
10
Introducing Windows Security Center Application that monitors the security status of the system by checking the status of Firewall, Windows Update, Windows Defender, Malware and other security components Supports third-party security components The main components are: Firewall Automatic updating Malware protection Other security settings powered by dj
11
Question for group discussion – What is Worm? (2 min) powered by dj
12
Basic Firewall Firewall is software or hardware that checks information that comes from the Internet or a network, depending on your firewall settings, either it blocks the information or allows it to pass through your computer In Windows Vista it supports incoming as well as outgoing traffic Windows Vista uses two firewalls: Windows Firewall Windows Firewall with Advanced Security powered by dj
13
Managing Windows Firewall Works by regulating the network traffic on a set of rules If a rule does not exist for the incoming or outgoing traffic, the firewall drops the traffic Tools for managing the firewall: Windows Firewall Windows Firewall with Advanced Security Group Policy Object Editor Netsh Utility powered by dj
14
Question for group discussion – What is Firewall? (2 min) powered by dj
15
Identifying Profiles and Network Location Awareness Three types of profiles based on the network location types assigned by NLA: Private – When computer is connected to Home or Work network Public – When the network of computer is connected to a public location like University, Airport Domain – When computer is connected to an Active Directory domain powered by dj
16
Practical Activity: Demonstrate a procedure to configure a firewall. Ask the students to perform the procedure to disable Windows Firewall for a particular connection.(20 min) powered by dj
17
Verifying and Modifying the Firewall State Windows Firewall is enabled by default State of Windows Firewall can be verified from Windows Security Center By choosing the turn off option of Windows Firewall it will disable the firewall completely If you have multiple network interface cards, you can select all of them, unless you have some specific reason for leaving one unprotected powered by dj
18
Configuring Exceptions Exception is an instruction used by windows firewall to open a port briefly, allow a program or service to pass a specific piece of information through and then close the port Prevents the programs under the exception list from being blocked by the firewall powered by dj
19
Practical Activity: Demonstrate a procedure to add a new program and set its exception. Ask the students to perform a procedure to set exception for an incoming connection by opening a port. (20 min) powered by dj
20
Windows Firewall with Advanced Security Provides advance options for setting the rules and exceptions for incoming as well as outgoing traffic Window FirewallWindow Firewall with Advanced Security Used to configure only inbound exception Used to configure inbound and outbound exceptions Used to apply the firewall configuration for the active profile Configuration can be applied to all network profiles in the computer using Windows Firewall with Advanced Security powered by dj
21
Practical Activity: Demonstrate a procedure to configure basic Windows Firewall settings for a Private profile. (10 min) powered by dj
22
Setting Inbound and Outbound Rules Allows to configure inbound and outbound rules for the network Inbound rules are a set of rules for allowing or blocking all the incoming traffic to the computer Outbound rules are a set of rules for allowing or blocking all the outgoing traffic from the computer powered by dj
23
Practical Activity: Demonstrate a procedure to configure an inbound rule by using Windows Firewall with Advanced Security.(20 min) powered by dj
24
Keeping Your System Secure with Windows Update Windows Update is a service that is used to obtain product updates, latest security features, driver updates, patches to fix any vulnerability in the system, from the internet Microsoft Windows releases updates periodically powered by dj
25
Configuring Windows Update and Windows Update Settings Configured to suit the user’s needs with the help of various options User manage the products to be installed on the system If the user does not wish to get any updates, the update feature can be turned off powered by dj
26
Using Update Manually User can manually check for updates to install them, only when : Windows Update feature is disabled User does not want Windows Update to automatically download and install the updates If updates are available: User can select the appropriate updates Choose to install them powered by dj
27
Removing an Update Most of the updates can be removed from the system Some updates related to security can not be removed User needs to check whether a particular update can be removed or not powered by dj
28
Updating More than One Computer Update by setting Windows Update feature to update automatically Computers with different versions of Windows operating system consumes a lot of work and time For large networks, the Windows Server Update Services (WSUS) can be used powered by dj
29
Hiding Updates and Restoring Hidden Updates When the Windows Update feature is enabled, Windows check for updates regularly Whenever an update is available, the Security Center icon at the notification area displays Hidden updates can be restored later if you want to install them powered by dj
30
Practical Activity: Demonstrate the procedure to configure Windows Update Settings and check for Windows Vista updates manually. Demonstrate the procedure to check for updates that can be uninstalled and the procedure to restore hidden updates. (25min) powered by dj
31
Blocking Virus using Antivirus Virus is dependent on host files while a worm is not Viruses, worms and other malicious programs in the system can be blocked using an antivirus program powered by dj
32
Question for group discussion – What is Virus? (2 min) powered by dj
33
Using an Antivirus Program Protect the system from virus activities When installed, runs in the background and reads each and every file from the disk Configured to perform a routine scan Updated periodically to keep the system secure from new threats Provided by Some Internet Service Provider (ISP) or computer manufacturer powered by dj
34
Group Activity: Ask the students to standup and sit down. powered by dj
35
Scanning for Viruses without an Antivirus Program Upgraded versions of a utility called Malicious Software Removal Tool (MSRT) released periodically MSRT utility scans the system for infections and to clean up the system After clean up is done, this utility removes itself from the user’s system Saves a record of the activities performed and the details of infections found on the system powered by dj
36
Stopping Spyware with Windows Defender Spyware is a type of software that is installed on your computer to watch and record your activity Installed through free software, such as file sharing, screen savers, or search toolbars Windows Defender enables to block and remove the spyware Windows Defender offers three ways to keep spyware away from infecting your computer: Real-time protection SpyNet community Scanning options powered by dj
37
Configuring and Scheduling Scans for Spywares Windows Defender can be configured and scheduled to suit the needs of the user Using Windows Defender, the user can choose to scan the system for spywares automatically or manually powered by dj
38
Practical Activity: Demonstrate the procedure to scan for Spywares automatically. Demonstrate the procedure to configure a custom scan. (10 min) powered by dj
39
Using Real Time Protection Keep watch on the system looking out for spyware programs that may try to access, run and install on the system Windows Defender Warning prompt shows the suspected spywares powered by dj
40
Responding to Windows Defender Alerts Scan Results window shows the name, alert level, action and status of the program Option display by action list: Remove Quarantine Ignore Always allow If the software is already running and trying to change some windows settings, the two actions to be performed : Permit Deny powered by dj
41
Introducing Windows Defender Definitions Files that act like an encyclopedia of known spyware and other potentially unwanted software Windows Defender works with Windows Update settings to automatically install the latest definition Enables to automatically check for new definition before schedule scans and check for new definitions manually powered by dj
42
Blocking Offending Programs The suspected programs can be blocked by selecting Remove or Remove all option Option appears in Category list : Startup program Currently running programs Network-connected programs Winsock service providers powered by dj
43
Disabling Windows Defender Windows Defender can be turned off, if you do not want to use Windows Defender for scanning the systems for spywares Windows Defender can be turned on again by selecting the Use Windows Defender check box from the Options screen powered by dj
44
Practical Activity: Demonstrate the procedure to automatically check for new definition before schedule scans and a procedure to check for new definitions manually. Demonstrate the procedure to access Software Explorer. Demonstrate the procedure to disable Windows Defender. (15 min) powered by dj
45
Summary I Security threats can be classified into the following three types: viruses, worms and spywares Windows Vista creates tokens at logon to identify the level of access to be provided to the user. A standard user is provided the standard token while an administrator is provided standard as well as administrator token User Account Control feature notifies the user whenever a system wide setting is going to take place Windows Security Center is the central location for administrating the various security components present in the system powered by dj
46
Summary II The firewall in Windows Vista consists of two firewalls: Windows Firewall and Windows Firewall with Advanced Security Network Location Awareness method is used by Windows Vista to categorize the network locations, based on which the following three profiles are created: Public, Private and Domain Exceptions are set on a specific program or port address, to allow it from being blocked by the firewall Inbound and outbound rules allow or block the incoming and outgoing connections respectively powered by dj
47
Summary III Connection Security Rules are the rules followed by Windows Vista computers for authentication before connecting to other computers on the network The configuration of Windows Firewall with Advanced Security can be imported or exported in the form of policies Windows Update provides various security updates to be installed from the Microsoft website Windows Vista supports the use of third-party antivirus software that can be used to block viruses and worms in the system Windows Defender is used to protect the system from spywares and other similar programs powered by dj
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.