CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
Agenda • Chapter 12: Resolving Security Issues • Quiz • Exercise
To Keep a System Secure • Always require usernames and passwords • Don’t give your password to anyone • Change your passwords frequently • If your password is compromised, change your password immediately. • Don’t allow people to watch you type in your password • Do not write your password down near the computer • Always log off or lock your computer • Use a password-protected screen saver • Use strong passwords • At least 8 characters long and are a mix of lowercase, uppercase, digits, and special characters
To Keep a System Secure (Cont.) • Do not use obvious passwords • Don’t always assign full permissions to resources • Only assign the permissions that people need to perform their job or task • Do not always log on as an administrator • Log in as a standard user and then elevate to an administrator as needed • Using the runas command • Right-clicking an icon while pressing the Shift key and selecting Run as Administrator
Social Engineering • The act of manipulating people into performing actions or divulging confidential information • Trick someone into giving their username, password, or other private information such as credit card numbers and social security numbers
Phishing • A technique of fraudulently obtaining private information. • The phisher sends an email that appears to come from a legitimate business and requests verification such as your bank account information or social security number • A realistic website where you would input the information
Malicious Software (Malware) • Software designed to infiltrate or affect a computer system without the owner’s informed consent • Usually associated with viruses, worms, Trojan horses, spyware, rootkits, and dishonest adware
Computer Virus • A program that can copy itself and infect a computer without the user’s consent or knowledge • Had some form of executable code that was hidden in the boot sector of a disk or as an executable file (with a .exe or .com filename extension) • Macro languages (which can be used to infect documents)
Worm • A self-replicating program that replicates itself to other computers over the network without any user intervention • Worm DOES NOT corrupt or modify files on a target computer • Consumes bandwidth and processor and memory resources, slowing your system down or causing your system to be unusable • Worms usually spread by using security holes found in the operating system or TCP/IP software implementations
Trojan Horse • An executable that appears as a desirable or useful program • After the program is loaded, it can cause your computer to become unusable or it can bypass your system’s security allowing your private information to be read including passwords, credit card numbers, and social security numbers, and it may execute adware
Spyware • A type of malware that is installed on computers and collects personal information or browsing habits often without the user’s knowledge • It can also install additional software, and redirect your web browser to other sites or change your home page. • Keylogger
Rootkit • A software or hardware device designed to gain administrator-level control over a computer system without being detected • Rootkits can target the BIOS, hypervisor, boot loader, kernel, or less commonly, libraries or applications
Symptoms of Malware • Poor performance while connected to the Internet • Computer stops responding frequently • Computer takes longer to start up • Unexpected additional toolbars added to the browser • Unexpected programs automatically start • Components of Windows or other programs no longer work • Unusual messages or displays on your monitor • See Full list on Page 230
Protecting Against Malware • Keep your Windows (as well as other Microsoft products such as Microsoft Office) system up-to-date with the latest service packs, security patches, and other critical fixes • Up-to-date anti-virus software package • You should install an anti-spyware software package. • You should also run your anti-virus software at least once a week and do a full scan
Windows Defender • A software that prevents, removes, and quarantines spyware • Protects against pop-ups, slow performance, and security threats caused by spyware and other unwanted software
User Account Control • A feature that helps prevent unauthorized changes to your computer • To use Protected Mode in IE, you need to have UAC
Firewall • Software or hardware that checks information coming from the Internet or a network • Either blocks it or allows it to pass through • Help prevent hackers or malicious software from gaining access to your computer through a network or the Internet • A stateful firewall is a firewall that keeps track of the state of network connections • Determines which packets are legitimate based on the current network connections • Only packets matching a known connection state will be allowed by the firewall; others will be rejected.
Understanding Firewalls • Base their filtering on TCP/IP characteristics: • IP address - Specific computers • Protocol numbers - Transport layer protocol • Port number - Application running on computer • Rules are used to filter traffic two ways: • Admit all traffic, except that which applies to the rules • Block all traffic, except that which applies to the rules
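The stateful filtering and "block all traffic, except that which applies to the rules" behaviour from the two firewall slides, as an added example that is not part of the original slides. It is a simplified model (no TCP flags or timeouts); the class, the addresses (documentation ranges) and the single inbound rule for TCP port 3389 are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str       # transport protocol: "tcp" or "udp"
    direction: str   # "out" = leaving this computer, "in" = arriving

class StatefulFirewall:
    """Toy model: block all inbound traffic except packets that match
    a rule or a connection this computer started (hypothetical class)."""

    def __init__(self, inbound_allow):
        # Rules: (protocol, local port) pairs admitted from any remote host.
        self.inbound_allow = set(inbound_allow)
        # State table: (proto, local_ip, local_port, remote_ip, remote_port).
        self.connections = set()

    def filter(self, pkt):
        if pkt.direction == "out":
            # Outbound traffic is allowed and recorded so replies can match.
            self.connections.add((pkt.proto, pkt.src_ip, pkt.src_port,
                                  pkt.dst_ip, pkt.dst_port))
            return "allow"
        # A reply has source and destination swapped relative to the entry.
        key = (pkt.proto, pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if key in self.connections:
            return "allow"   # matches a known connection state
        if (pkt.proto, pkt.dst_port) in self.inbound_allow:
            return "allow"   # matches an explicit rule
        return "block"       # everything else is rejected

def demo():
    # Constructed sample traffic, not captured from a real network.
    fw = StatefulFirewall(inbound_allow={("tcp", 3389)})
    pc, web, other = "192.0.2.10", "198.51.100.5", "203.0.113.9"
    packets = [
        Packet(pc, 50000, web, 443, "tcp", "out"),    # PC opens a web connection
        Packet(web, 443, pc, 50000, "tcp", "in"),     # reply from the same server
        Packet(other, 443, pc, 50000, "tcp", "in"),   # same ports, different host
        Packet(other, 40000, pc, 445, "tcp", "in"),   # unsolicited, no rule
        Packet(other, 40001, pc, 3389, "tcp", "in"),  # unsolicited, rule exists
    ]
    return [fw.filter(p) for p in packets]

if __name__ == "__main__":
    print(demo())
```

The third packet is blocked even though its ports match the open connection, because the state table also records the remote address.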
Windows Firewall • See Figure 12-1 on Page 232 • Firewall with advanced options • Allow or deny depends on the programs or ports • See Figure 12-2 on Page 233 • See Figure 12-3 on Page 234
Avoiding Malware • Don’t install unknown software or software from a disreputable source • Don’t open unexpected or unsolicited email attachments • Don’t click on hyperlinks in messages from unknown people • If your email client supports auto launch, turn it off • If your web browser alerts you that a site is known for hosting malware, pay attention to these warnings • If you surf the Internet and you get browser pop-ups that you need to download the newest driver or you need to check your system for viruses, use caution • Don’t forget to perform regular backups
Action Center • A central place to view alerts and take actions to keep Windows running • Enables users and administrators to access, monitor, and configure the various Windows 7 security mechanisms • The primary function • Provide an automatic notification system that alerts users when the system is vulnerable • See Figure 12-4 on Page 235
Removing Malware • Run an anti-virus software package and perform a full scan • Reboot your computer and run it again to be sure your system is clean • Keep running it until you are all clear.
Malicious Software Removal Tool • Checks computers running Windows for infections by specific, prevalent malicious software • Second Tuesday of each month • The tool is available from Microsoft Update, Windows Update, and the Microsoft Download Center.
Tools to Limit Malware • Disable unknown or questionable services and startup programs • Task Manager • Services MMC • System Configuration (msconfig.msc) • Disable unknown or questionable Internet Explorer add-ons
Virus Hoax • A message warning the recipient of a nonexistent computer virus threat, usually sent as a chain email that tells the recipient to forward it to everyone he or she knows
Windows Updates • Fixes, patches, service packs, and device drivers, and apply them to the Windows system. • If there are many fixes or patches, Microsoft releases them together as a service pack or a cumulative package • See Figure 12-5 on Page 237 • You can set how often and what to install • See Figure 12-6 on Page 238
Windows Updates (Cont.) • Security updates • A broadly released fix for a product-specific security-related vulnerability • Critical, important, moderate, or low • Critical updates • A broadly released fix for a specific problem addressing a critical, nonsecurity-related bug • Service Packs • A tested, cumulative set of hotfixes, security updates, critical updates, and updates, additional fixes for problems found internally since the release of the product • Service Packs might also contain a limited number of customer-requested design changes or features
Encryption and Decryption • Encryption • The process of converting data into a format that cannot be read by another user • Decryption • The process of converting data from encrypted format back to its original format.
Encryption • Encryption algorithms can be divided into three classes: • Symmetric (Secret-key, shared-key, and private-key encryption) • Uses a single key to encrypt and decrypt data • Initially send or provide the secret key to both sender and receiver • Asymmetric • One key is used to encrypt the data while the second key is used to decrypt the data • Certificate Authority (CA) • Hash function • A one way encryption (it cannot be decrypted) • It can be used to encrypt a password that is stored on disk
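How a one-way hash protects a password stored on disk, as an added example that is not part of the original slides: the password is never stored or decrypted, a login attempt is hashed again and the results are compared. The choice of PBKDF2 with SHA-256, the per-user random salt, the iteration count and the sample password are assumptions of this example, not something the slides specify.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # work factor chosen for this example (assumption)

def hash_password(password, salt=None):
    """Return (salt, digest). Only these two values are written to disk."""
    if salt is None:
        salt = os.urandom(16)  # random salt, different for every account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, ITERATIONS)
    return salt, digest

def verify_password(attempt, salt, stored_digest):
    """Hash the attempt with the stored salt and compare the digests.

    Nothing is decrypted: the check works only because the same input
    and salt always produce the same digest."""
    _, candidate = hash_password(attempt, salt)
    # compare_digest takes the same time whether or not the values match.
    return hmac.compare_digest(candidate, stored_digest)

def demo():
    # Constructed sample password, used for two separate accounts.
    salt_a, stored_a = hash_password("Tr1cky!Horse")
    salt_b, stored_b = hash_password("Tr1cky!Horse")
    return {
        "correct_accepted": verify_password("Tr1cky!Horse", salt_a, stored_a),
        "wrong_rejected": not verify_password("tr1cky!horse", salt_a, stored_a),
        # The salt makes equal passwords look different on disk.
        "same_password_differs": stored_a != stored_b,
        "digest_len": len(stored_a),
    }

if __name__ == "__main__":
    print(demo())
```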
Encrypting File System (EFS) • Encrypt files on an NTFS volume • After a file has been encrypted • You do not have to manually decrypt an encrypted file before you can use it • See Figure 12-7 on Page 240 • A recovery agent • Can recover encrypted files for a domain
BitLocker • Windows 7 Enterprise and Ultimate • Encrypts an entire volume to protect against unauthorized persons, such as someone stealing a hard drive • Computer must have a Trusted Platform Module (TPM) and a compatible BIOS • A TPM is a microchip that is built into a computer • Store cryptographic information, such as encryption keys
BitLocker (Cont.) • Data recovery agent (DRA) • A user account that an administrator has authorized to recover BitLocker drives for an entire organization with a digital certificate on a smart card • Administrators of Active Directory Domain Services (AD DS) networks use DRAs to ensure access to their BitLocker-protected systems, to avoid having to maintain large numbers of individual keys and PINs
BitLocker To Go • A new feature in Windows 7 that enables users to encrypt removable USB devices, such as flash drives and external hard disks • A TPM chip is not required
Assignment • Submit these before class over on Thursday • Fill in the blank • Multiple Choice • True / False • Lab 12