A Guide to Managing and Maintaining your PC, 6e - PowerPoint PPT Presentation

1 / 51
About This Presentation
Title:

A Guide to Managing and Maintaining your PC, 6e

Description:

Learn how to secure a desktop or notebook computer ... Learn how malicious software works and how to ... Worm: self-replicating program that overloads network ... – PowerPoint PPT presentation

Number of Views:82
Avg rating:3.0/5.0
Slides: 52
Provided by: cnsT8
Category:

less

Transcript and Presenter's Notes

Title: A Guide to Managing and Maintaining your PC, 6e


1
A Guide to Managing and Maintaining your PC, 6e
  • Chapter 19
  • Securing Your PC and LAN

2
Objectives
  • Learn how to secure a desktop or notebook
    computer
  • Learn how to secure a local wired or wireless
    network
  • Learn how malicious software works and how to
    clean an infected system

3
Introduction
  • Topics to cover
  • Methods for protecting computers and networks
  • How to use several security tools
  • How malicious software works
  • A step-by-step plan to remove malicious software

4
Securing Your Desktop or Notebook Computer
  • Reasons for providing additional security
  • Protection from attacks within the network
  • Attacks through security loopholes
  • Exposure during travel
  • A few methods for securing a computer
  • Limit use of the administrator accounts
  • Keep Windows updates current
  • Physically protect your equipment
  • Keep good backups of user data
  • Destroy trash that might contain sensitive data

5
Access Control
  • Authentication identifies an individual
  • Authorization assigns privileges/rights to
    individuals
  • Types of passwords
  • Power-on passwords (configured in CMOS setup)
  • Windows passwords
  • Online account passwords
  • Application passwords
  • Some rules for creating strong passwords
  • Combine upper/lower case letters, numbers,
    symbols
  • Do not use words in any language

6
Figure 19-3 Set supervisor and user passwords in
CMOS setup to lock down a computer
7
Access Control (continued)
  • Controlling access to a PC using Windows
  • Set a user password for the user account
  • Configure user access to certain files and
    folders
  • Overview for assigning permissions to file and
    folder
  • Disable simple file sharing from View in Folder
    Options
  • Open Properties window of a folder and select
    Sharing
  • Click Permissions and select options
  • Protected files and folders display
    authentication box
  • Cacls command for configuring file and folder
    access

8
Figure 19-9 Control who can access a folder and
the rights given that user or user group
9
Limit Use of the Administrator Account
  • Three common types of accounts in Windows
  • Administrator
  • Guest
  • Limited User
  • Advice for protecting the Administrator Account
  • Create a Limited User account for ordinary
    activities
  • Use Administrator account for reserved activities
  • Change appearance of desktop to flag the account
  • Change strong password on a regular basis

10
Use a Personal Firewall
  • Firewalls are implemented in software or hardware
  • Purpose of a firewall
  • Prevent worms or hackers from invading your
    system
  • Turn on Windows Firewall to protect your system
  • It may be configured to allow for exceptions
  • Windows Firewall is included with Service Pack 2

11
Figure 19-14 Use Windows Firewall to protect a
Windows XP computer
12
Use AV Software
  • Antivirus (AV) software protects system from
    viruses
  • Using AV software to greatest effect
  • Configure software to automatically download
    updates
  • Run AV software as a background process
  • Set software to automatically scan e-mail
    attachments
  • Virus signature distinguishing characteristics
    of virus
  • AV software does not always stop adware or
    spyware
  • Use removal program for adware or spyware
  • Example Ad-Aware by Lavasoft (www.lavasoft.com)

13
Figure 19-15 Set your AV software to stay current
automatically
14
Keep Windows Updates Current
  • Causes for Windows susceptibility to attacks
  • Popularity of system makes it an attractive
    target
  • Highly integrated components give many entry
    points
  • Update Web site windowsupdate.microsoft.com
  • Two ways to keep updates current
  • Access Web site from Windows Update
  • Run automatic update utility as background
    process

15
Figure 19-16 Turn on Automatic Updates
16
Set Internet Explorer for Optimum Security
  • Some security features in Internet Explorer
  • Pop-up blocker
  • The ability to manage add-ons
  • The ability to block scripts
  • The ability to disable scripts embedded in Web
    pages
  • The ability to set the general security level
  • Medium is recommended

17
Figure 19-18 Control security settings for
Internet Explorer
18
Use Alternate Client Software
  • Microsoft products targeted by authors of malware
  • Microsoft Internet Explorer
  • Microsoft Outlook Express and Microsoft Outlook
  • Some reasons for susceptibility
  • Popularity
  • Close integration with other Windows components
  • Use of ActiveX controls
  • Alternate browser Firefox by Mozilla
  • Alternate e-mail client Eudora by Qualcomm

19
Consider Using Microsoft Shared Computer Toolkit
for Windows XP
  • Microsoft Shared Computer Toolkit for Windows XP
  • Locks down the drive on which Windows is
    installed
  • Features of Windows XP that can be locked down
  • Windows configuration
  • Installed software or hardware
  • User settings or user data
  • Some temporary changes are allowed
  • When system reboots, it returns to prior state
  • Toolkit can be downloaded for free

20
Hide and Encrypt Files and Folders
  • Windows 2000/XP Encrypted File System (EFS)
  • Works on with Windows 2000/XP NTFS EFS
  • Is not supported in Windows XP Home Edition
  • Encryption technology for encrypting
    folders/files
  • Best practice encrypt at the folder level
  • How to encrypt a file or folder
  • Open Properties window of file or folder
  • Click Advanced and select appropriate options
  • Encrypted folders and files in are displayed in
    green

21
Figure 19-21 Encrypt a file or folder using the
Properties window
22
Hide and Encrypt Files and Folders (continued)
  • Overview for sharing an encrypted file
  • First export your certificate
  • The other user imports certificate for access to
    file
  • Sharing tool Certificate Export Wizard
  • Data recovery agent (DRA) can decrypt
    file/folder
  • Three ways decrypt a file or folder
  • Change encryption attribute from Properties
    window
  • Move file or folder to a FAT logical drive
  • Use the Cipher command

23
Figure 19-27 A file is no longer encrypted when
it is moved off the NTFS drive
24
Physically Protect Your Equipment
  • Dont move or jar your computer when its turned
    on
  • Dont smoke around your computer
  • If your data is private, keep it under lock and
    key
  • Keep magnets away from your computer
  • Lock down the computer case

25
Beware of Social Engineering
  • Social engineering
  • Tricking people into giving out private
    information
  • Passing unsafe programs into the network or PC
  • Some techniques of social engineers
  • Phishing extracting personal data via e-mail
  • Scam e-mail offers to join phony ventures
  • Virus (e-mail) hoax clogs up e-mail systems
  • A few rules for using the Internet
  • Do not click links inside e-mail messages
  • Investigate a Web site before downloading software

26
Beware of Social Engineering (continued)
  • Two ways to debunk a hoax e-mail
  • Note phrases/subjects that request mass
    forwarding
  • Use services of security site e.g.,
    www.hoaxkill.com
  • Scripts code segments automating set of tasks
  • Example files with extensions .wsf and .vbs
  • Malicious scripts are often hidden in e-mails
  • Example the link www.symantec.com.vbs
  • Protecting against malicious scripts
  • Set Windows to display file extensions
  • Set Windows to first load script to Notepad

27
Figure 19-28 An example of a hoax e-mail message
28
Figure 19-30 Use the Edit File Type window to
change the way Windows displays and manages a
file type
29
Keep Good Backups of User Data
  • Prepare for a disaster by making good data
    backups
  • Refer to Chapter 13 for backup procedures

30
Backup System Files
  • Use Ntbackup to back up System State and registry
  • Refer to Chapter 12 for procedures
  • When to back up the System State
  • After you have made major changes to the system
  • Example after installing a new hard drive
  • Make backups a routine part of monthly
    maintenance

31
Make Use of Event Logging and Incident Reporting
  • Some incidents you might be expected to report
  • An attempt at breaking in to a secured PC or
    network
  • The security has been broken
  • An alarm has been activated
  • Some reasons for incident reporting
  • The need for others to respond to an incident
  • The need to know about a weak security loophole
  • Legal concerns
  • Monitoring Windows 2000/XP logon events
  • Configure Event Viewer to track failed logon
    attempts

32
Figure 19-32 Event Viewer monitoring failures at
logging on to Windows XP
33
Make Use of Event Logging and Incident Reporting
(continued)
  • Monitor changes to files and folders
  • Set the Group Policy to audit an object
  • Add the users that you want to monitor
  • Decide which activity to monitor
  • View logged activity in the Event Viewer
  • Some third-party monitoring tools
  • Autoruns by Sysinternals
  • WinPatrol by BillP Studios
  • Monitoring network activity with Windows
    Firewall
  • Configure Log Settings accessed from Advanced tab

34
Figure 19-39 Using Windows Firewall, you can log
dropped packets and successful connections
35
Destroy the Trash
  • Trash is a source of sensitive information
  • How to prevent the exposure of data
  • Destroy all storage media before you throw it
    out.
  • Destroy hard copies that contain sensitive data
  • Steps to take when migrating from older medium
  • Encrypt data being migrated between systems
  • Control user access to migrated data
  • Destroy old data storage medium no longer being
    used
  • Erase hard-drive of old PC with a zero-fill
    utility

36
Perform a Monthly Security Maintenance Routine
  • Change the administrator password
  • Make sure system is being automatically updated
  • Check that AV software is installed and current
  • Visually check the equipment for tampering
  • Check the Event Viewer

37
Securing Your Wired or Wireless Network
  • Topics to cover
  • How to use a router to secure a small network
  • How to secure a wireless network
  • Authentication techniques used for larger
    networks

38
Use a Router to Secure a SOHO Network
  • SOHO a small office or home office
  • Use a router to secure a SOHO network
  • Tasks that routers perform
  • Limit communication from outside the network
  • Limit communication from within the network
  • Secure a wireless access point
  • Implement a virtual private network (VPN)
  • Keep router firmware current

39
Authentication Technologies
  • Controlling network access
  • Encrypt user accounts/passwords at point of entry
  • Decrypt user accounts/passwords before validation
  • Popular authentication protocols CHAP, Kerberos
  • Two-factor authentication present two types of
    id
  • Smart cards
  • Device with id information keyed or read into
    system
  • Variations key fob, magnetic strip, and USB
    smart cards
  • Biometric data id based on physical
    characteristics
  • Some biometric devices iris scanner, fingerprint
    reader

40
Figure 19-41 For best security, keep your
hardware firewall firmware updated
41
Figure 19-42 A smart card such as this SecurID
key fob is used to authenticate a user gaining
access to a secured network
42
Dealing with Malicious Software
  • Malicious software (malware or computer
    infestation)
  • Any unwanted program intending harm to system
  • Transmitted to your computer without your
    knowledge
  • Examples of malware viruses and worms
  • Topics to cover
  • How to recognize that a system is infected
  • How to understand how malicious software works
  • How to clean up the mess

43
Youve Got Malware
  • Some signs of malicious messages
  • Pop-up ads plague you when surfing the Web
  • Strange or bizarre error messages appear
  • Less memory than usual is available
  • Strange graphics appear on your computer monitor
  • The system cannot recognize the CD-ROM drive
  • Files constantly become corrupted
  • The OS boots, but cannot launch the Windows
    desktop
  • Your antivirus software displays one or more
    messages

44
Here's the Nasty List
  • Virus
  • Program that replicates by attaching to other
    programs
  • Infected program must execute for virus to run
  • Example boot sector program
  • Protection run AV software in the background
  • Adware produces all those unwanted pop-up ads
  • Spam is junk e-mail that you do not want
  • Spyware program installing itself to spy on you
  • Worm self-replicating program that overloads
    network

45
Figure 19-46 The crash virus appears to be
destructive, making the screen show only garbage,
but does no damage to hard drive data
46
Here's the Nasty List (continued)
  • Browser hijacker alters home page/browser
    settings
  • Dialer dials phone number without your knowledge
  • Keylogger tracks all your keystrokes
  • Logic bomb dormant code triggered by an event
  • Trojan horse disguises itself as a legitimate
    program

47
Here's the Nasty List (continued)
  • Types of viruses
  • Boot sector virus hides in the boot sector
    program
  • File virus hides in executable (.exe, .com, or
    .sys)
  • Multipartite virus combined boot sector and file
    virus
  • Macro virus hides in documents of macro files
  • Script virus a virus that hides in a script
  • How malware replicates and hides
  • Uses various techniques to load itself into
    memory
  • Attempts to hide from AV software
  • Example stealth virus manipulates its storage
    file

48
Step-by-Step Attack Plan
  • Run reputable AV software
  • Examples Norton Anti-Virus and McAfee VirusScan
  • Run adware or spyware removal software
  • Example Windows Defender by Microsoft
  • Search out and destroy whats left
  • Respond to any startup errors
  • Delete malicious files
  • Purge restore points
  • Clean the registry
  • Root out rootkits

49
Figure 19-57 Results of running Windows Defender
by Microsoft
50
Summary
  • Protect accounts and applications with passwords
  • File and folders can be configured for selective
    permissions
  • Standard security tools AV software, firewalls,
    Windows Update
  • Encryption technology Windows 2000/XP NTFS EFS
  • Techniques used by social engineers phishing,
    scam e-mails, virus hoaxes

51
Summary (continued)
  • Some events to monitor failed logon access
    attempts and network activity
  • Use a router to secure a SOHO network
  • Security techniques for larger networks smart
    cards, authentication protocols, biometric
    devices
  • Malware invasive programs such as viruses and
    worms
  • If AV software cannot clean or delete malware,
    use other techniques such as deleting file from
    directory
Write a Comment
User Comments (0)
About PowerShow.com