420 likes | 431 Views
Learn how to protect your Windows Vista computer from malware attacks. Understand drive-by downloads, freeware risks, file sharing dangers, and email security measures. Enhance your system's security with password policies, regular scans, and Windows Security Centre.
E N D
Configuring Windows Vista Security Lesson 8
Defending Against Malware Malware: software created specifically for the purpose of infiltrating or damaging a computer system without the user’s knowledge or consent • Viruses • Trojan Horses • Worms • Spyware • Adware Chapter 8
How are Computers Infected • Drive by downloads • Freeware (bundled software) • File Sharing (P2P) • Pop up Advertisement • Email Chapter 8
Drive By Downloads • Downloading and installation of programs from the web • Software could be malware • Refuse installation until you know for sure what will be installed Chapter 8
Freeware • A no cost free version of the software which is distributed with bundled adware • Before installing a program research if it • Can be easily removed • How it affects performance • How family-oriented are its advertisements • Good sites to research adware are • www.spywareinfo.com • www.aumha.org • www.castlecops.com. Chapter 8
File Sharing (P2P) • P2P technology that allow users to connect to another users shared folder and swap content • 45% of file sharing contains malware • Used by spammers and hackers to distribute malware viruses, password stealers, spam bots, and software designed to allow the theft of personal data. • Often bundled with adware and spyware which the EULA specifically forbids its removal • Keep antivirus and antispy software up-to-date Chapter 8
Pop Up Advertisements • Small window that appears and usually contains advertisement or spyware • Popup ads are often used by phishing scams designed to trick you into giving personal information • Never enter personal information in a pop up window, even if it appears to be secure • Turn the Windows Messenger Service off Chapter 8
Email • Macro viruses and worms are most common in email messages as attachments • Don’t open an email even from someone you know unless you were expecting it. • Phone or email sender to confirm email first • Don’t click on any link in an email • Type any address directly into your browser • Keep email anti-virus, anti-spyware and anti-phishing software up-to-date Chapter 8
Protect Your Computer • Use Strong Passwords • User Account Control (UAC) *new with Vista • Set Password Policies • Scan Your Computer Regularly • Updated anti-virus, anti-spyware, anti-phishing tools • Automatic Updates • Use Windows Security Centre Chapter 8
Password Policies • Use the Local Security Policy to configure Password Policies to ensure users use Strong Passwords • the most secure passwords are seven or 14 characters • Use a combination of type of characters • Have passwords expire • New passwords must be different from prior passwords Chapter 8
Scan Your Computer • Use the free online Windows Live OneCare Safety Scanner • Or you can subscribe to the Windows Live OneCare service and get complete anti-virus, anti-spyware, anti-phishing, firewall, scanning and tune up services. See Windows Live OneCare Chapter 8
Security in Windows Vista • Windows Security Centre (this lesson) • Lesson 5 – Working with Users and Groups • UAC – prevents malware from gaining Administrative control of computer • Lesson 9 – Configuring Windows Vista Applications • Security features in Internet Explorer • Lesson 12 – Working with Mobile Computers • Security features specifically for use on mobile and wireless computers. Chapter 8
Windows Security Center • Security Center is a centralized console that enables users and administrators to access, monitor, and configure the various Windows Vista security mechanisms. • Provides automatic notifications when the system is vulnerable • Can also monitor third-party programs for currency and operational status • Deactivated on Windows Domain computers
Accessing Security Center Links Firewall Automatic Updating Malware Protection Other Security Settings Chapter 8
Windows Firewall • Protects Windows Vista computers by blocking dangerous traffic, both incoming and outgoing
Monitoring Windows Firewall • Whether the Windows Firewall service is currently turned on or off • Whether inbound and outbound connections are blocked • Whether users are notified when a program is blocked • Whether the computer is connected to a domain, private, or public network Chapter 8
Configuring Windows Firewall Settings • IP address • specific computers • Protocol numbers • Transport layer protocol • Port number • Application running on computer Chapter 8
Creating a Firewall Exception • Click Start, and then click Control Panel. • Click Allow A Program Through Windows Firewall. • Click Add Program. Chapter 8
Creating a Windows Firewall with Advanced Security Console • Click Start, type mmc in the Start Search box, and press Enter. • Click File > Add/Remove Snap-In. • Scroll down in the Available Snap-ins list, select Windows Firewall With Advanced Security, and click Add. • Click Finish to accept the default Local Computer option. • Click OK. Chapter 8
Windows Firewall with Advanced Security Gives full access to Windows Firewall configuration settings. Chapter 8
Automatic Updates Windows Vista feature that enables users to keep their computers current, with no manual intervention. Chapter 8
Windows Defender New Windows Vista application that prevents the infiltration of spyware into the system. Chapter 8
Software Explorer Provided by Windows Defender. Enables you to monitor details about applications running on your computer. Helps you find Spyware that is currently running on your computer. Chapter 8
Protecting Sensitive Data • Windows Vista includes tools like BitLocker and the Encrypting Files System (EFS), which make it possible to prevent data theft using cryptography. Chapter 8
Using the Encrypting File System • EFS is a feature of NTFS that encodes the files on a computer. • The system is keyed to a specific user account • Uses public and private keys • The user who creates the file is the only person who can read it. Chapter 8
Parental Controls Parental controls enables parents to limit their children’s access to specific Internet sites, games and applications. Chapter 8
Setting Up Parental Controls • Based on user accounts – every family member must have their own account • Impose restrictions on accounts • Filter websites users are allowed to access • Limit downloads from internet sites • Enforce time limits for computer use • Restrict access to games by rating, content or title • Allow or block specific applications Chapter 8
Protecting your Identity • Use PayPal or Amazon.com Payments • Make purchases online • Donate money to charities • Send money to anyone with an email account • Ensure that the protocol is https and web site is validated by third party certificates such as Verisign, Thawte, or Entrust Chapter 8
Web Security • Use IE built-in Security zones and set Internet to HIGH • Add safe web sites to the Trusted Zone • Change Email Preferences to read email in plain text only • Use a Pop Blocker in your browser Chapter 8
Instant Messenger • Never download a file unless you know and trust the person • Never open or accept a file even if it is from someone you know , unless you are expecting it. • Keep updated anti-virus and anti-spyware and IM programs Chapter 8
You Learned • Malware is malicious software created specifically for the purpose of infiltrating or damaging a computer system without the user’s knowledge or consent. This type of software includes a variety of technologies including viruses, Trojan horses, worms, spyware, and adware. Chapter 8
You Learned (cont.) • Security Center is a centralized console that enables users and administrators to access, monitor, and configure the various Windows Vista security mechanisms. • Windows Firewall is a software program that protects a computer by allowing certain types of network traffic in and out of the system while blocking others. Chapter 8
You Learned (cont.) • You configure Windows Firewall by creating rules that specify what types of traffic to block and/or allow. • Automatic Updates makes it possible to automate the operating system update process by scheduling the downloading and installation of updates to occur at regular intervals, with no user intervention. Chapter 8
You Learned (cont.) • Windows Defender helps to defend against spyware by scanning the places where it most commonly infiltrates a computer. • Software Explorer is an application that enables you to monitor details about specific applications running on a Windows Vista computer. Chapter 8
You Learned (cont.) • The Malicious Software Removal Tool is a single-user virus scanner that Microsoft supplies in each of its monthly operating system updates. • The Encrypting File System (EFS) is a feature of NTFS that encodes the files on a computer so that even if an intruder can obtain a file, he or she will be unable to read it. Chapter 8
You Learned (cont.) • Windows Vista, in its Home Basic, Home Premium, and Ultimate editions, includes parental controls that you can use to exercise restrictions over other users’ computing habits. Chapter 8