MELJUN CORTES Computer Organization lecture, Chapter 23: Computer Security

Post on 16-Jul-2015

  • Chapter 23: Computer Security (MELJUN CORTES)

  • Overview

    In this chapter, you will learn to

    Explain the threats to your computers and data

    Describe how to control the local computing environment

    Explain how to protect computers from network threats

  • Analyzing the Threat (Historical/Conceptual)

  • Threats

    Unauthorized access
      Any user accesses resources in an unauthorized way
      Not locked down

    Data destruction
      Intentional or accidental data loss
      Unauthorized data modification

    Administrative access
      XP Home almost requires granting multiple users administrator access
      Use Windows 2000 or XP Pro to control access

  • Threats

    System crash/hardware failures
      Hard drives crash, power fails
      Redundant systems provide protection

    Viruses/spyware
      Travel quickly in a network
      Come from the Internet, floppy disks, optical discs, and USB drives
      Goal is to prevent infection

  • CompTIA A+ Essentials: Local Control

  • Local Control

    Identify what to back up

    Eliminate sensitive data from discarded media

    First, Do No Harm
      Part of physician's oath

    First, Secure the Data
      Tech version of the oath

  • What to Back Up

    Essential data
      Use the Backup tool
      Documents and Settings folder for all users
      E-mail and address books
      Other data

  • What to Back Up

    Servers
      Some servers have critical data (Active Directory)
      Back up System State to include most of Registry, security settings, and more

  • Off-Site Storage

    Backups should be stored someplace other than your place of business
      Could be tape, CD, portable drive

    Off-site storage
      Copy of backup stored in another geographical location
      Protects against major disaster such as fire, flood, etc.

  • Migration

    When a computer is replaced
      Move users' data and settings to new computer
      Use a tool such as Files and Settings Transfer (FAST) Wizard
      Don't connect new computer to network until security has been implemented

    [Figure labels: Old computer, New computer]

  • Migration

    Eliminate data remnants
      Just formatting or repartitioning isn't enough
      Use a tool such as Windows Washer
      Can eliminate specific data or the entire drive

  • Recycle

    Don't just throw computers in trash

    Keeps toxic chemicals out of landfills

    Recycling centers will take them

    Donate
      Schools and other organizations will gladly take used computers

  • CompTIA A+ Technician (IT Technician): Social Engineering

  • Social Engineering

    Using or manipulating people in the network to gain access to the network

    Infiltration
      Physically sneaking into building
      Talking to people, gathering pieces of information

    Telephone scams
      Simply asking for information
      Impersonating someone else

  • Social Engineering

    Dumpster diving

    Searching through trash looking for information

    Individual pieces of data can be put together as a puzzle

    Physical theft

    Servers need to be kept behind locked doors

    The best network security is beaten easily if physical security is ignored

  • Access Control

    Physical security
      Lock the door
      Don't leave PC unattended when logged on

    Authentication
      Software authentication using proper passwords
      Hardware authentication using smart cards and biometrics

  • Access Control

    Use NTFS, not FAT32
      FAT32 provides very limited security
      Use NTFS whenever possible

    To convert FAT32 drive to NTFS
      convert D: /FS:NTFS

    Users and groups
      Can add users to groups
      Users now have permissions of group

  • Network Security

    User account control through groups
      Can grant permission to group
      Groups represented by icon

  • Network Security

    Adding users to a group
      Done in Computer Management

  • Network Security

    Effective permissions (combined)
      Rita is in Sales group and Managers group
      Sales granted List Folder Contents permission
      Managers granted Read & Execute permission
      Rita has Read & Execute AND List Folder Contents permissions (combination of both)

    [Figure labels: Sales group (List Folder Contents), Managers group (Read & Execute)]

  • Network Security

    Default groups

    Everyone, Guests, Users

    Can become backdoors to the network

    Windows 2000 gives full control to the Everyone group by default

  • Security Policies

    Local Security Settings
      Set via Local Security Policy in Administrative Tools
      Can set Local Computer Group Policy Object Editor
      Applies only to this computer

  • Security Policies

    Local Group Policy: applies locally only

  • Security Policies

    Examples of what can be done with Group Policy in a domain
      Prevent Registry Edits
      Prevent Access to the Command Prompt
      Log on Locally
      Shut Down System
      Minimum Password Length
      Account Lockout Threshold
      Disable Windows Installer
      Much more

  • Malicious Software

    Together known as malware

    Grayware

    [Figure text: "You've got Virus!", "Hey, new mail coming your way!"]

  • Malware

    Viruses
      Designed to attach themselves to a program
      When program is used, the virus goes into action
      Can wipe out data, send spam e-mails, and more

    Trojans
      Designed to look like one program (such as a game or utility)
      Does something else too, such as erase CMOS

  • Malware

    Worms
      Similar to a Trojan but on a network
      Travels from machine to machine through network
      Commonly infects systems because of security flaws

    Best protection against worms
      Run antivirus software
      Keep security patches up to date
      Use tools such as Windows Update or Automatic Update to get critical updates

  • Antivirus Programs

    Antivirus programs
      Can be set to scan entire computer actively for viruses

    Can be set as virus shield to monitor activity such as downloading files, receiving e-mail, etc.

    Viruses have digital signatures

    Antivirus programs have library of signatures

    Update signatures regularly

  • Virus Techniques

    Polymorphics/Polymorphs
      Viruses attempt to change or morph to prevent detection
      Code used to morph (scrambling code) often used as signature

    Stealth
      Virus attempts to hide and appear invisible
      Most are in boot sector
      Some use little-known software interrupt
      Others make copies of innocent-looking files
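Added example, not part of the original slides: a toy signature scanner that ties together the signature library from the Antivirus Programs slide and the point above that the scrambling code of a polymorphic virus often serves as its signature. Every byte string, file name and signature name here is constructed and harmless; the "scrambling" is a one-byte XOR chosen only to keep the illustration short.

```python
"""Toy signature scanner; all bytes below are constructed and harmless."""

# Stand-in for the constant scrambling code a polymorphic virus carries.
STUB = b"\x90DEMO-UNSCRAMBLE-LOOP\x90"
# Stand-in for the virus body: a harmless ASCII string.
BODY = b"harmless demo body, not real code"
HOST = b"HOST-PROGRAM-BYTES"


def make_variant(key: int) -> bytes:
    """Model one infected file: host + stub + key + body XOR-scrambled with key."""
    scrambled = bytes(b ^ key for b in BODY)
    return HOST + STUB + bytes([key]) + scrambled


# Signature library before an update: only the unscrambled body is known.
OLD_LIBRARY = {"Demo.Body": BODY}
# After an update: the scrambling code itself has been added as a signature.
NEW_LIBRARY = {"Demo.Body": BODY, "Demo.Morph": STUB}


def scan(data: bytes, library: dict[str, bytes]) -> list[tuple[str, int]]:
    """Return (signature name, offset) for every library pattern found in data."""
    hits = []
    for name, pattern in library.items():
        offset = data.find(pattern)
        if offset != -1:
            hits.append((name, offset))
    return sorted(hits)


if __name__ == "__main__":
    samples = {
        "clean.exe": HOST,
        "variant_00.exe": make_variant(0x00),  # key 0 leaves the body unscrambled
        "variant_5a.exe": make_variant(0x5A),
        "variant_c3.exe": make_variant(0xC3),
    }
    for fname, data in samples.items():
        print(fname, "old:", scan(data, OLD_LIBRARY), "new:", scan(data, NEW_LIBRARY))
```

The out-of-date library only catches the unscrambled copy, while the updated one flags every variant at the stub's offset, which is why the slides stress updating signatures regularly.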

  • Virus Prevention Tips

    Scan all incoming programs and data

    Scan the PC daily

    Update signatures regularly

    Keep bootable CD-R with copy of antivirus program

    Be careful with e-mail
      Consider disabling preview window
      Only open attachments from known sources

  • Malware

    Spam
      Unsolicited commercial e-mail (UCE)
      To avoid, don't give out your e-mail address

    Pop-ups
      Many modify the browser so hard to close
      Some open up other pop-ups when one pop-up is closed
      To close
        Right-click the browser on the taskbar and select Close
        While the pop-up is displayed, press Alt-F4

  • Spyware

    Family of programs that run in the background
      Can send information on your browsing habits
      Can run distributed computing apps, capture keystrokes to steal passwords, reconfigure dial-up, and more

    Preventing installation
      Beware of free programs such as Gator, Kazaa, others
      Adobe's Shockwave and Flash reputable, but many others are not

  • Spyware

    Aggressive tactics
      Try to scare you into installing their program

    Removing spyware
      Windows Defender
      Lavasoft's Ad-Aware
      PepiMK's Spybot Search & Destroy

  • Grayware

    Not destructive in themselves

    Leech bandwidth in networks

    Some people consider them beneficial

    Used to share files (e.g., BitTorrent)

    Can push network over the edge

  • Firewalls

    Used to block malicious programs from the Internet

    Can be software, hardware, or both

    Windows XP has built-in firewall

    [Figure label: Internet]

  • Encryption

    Makes data packets unreadable

    Changes plaintext into cipher text

    Encryption occurs at many levels

    Multiple encryption standards and options

    [Figure: plaintext "Our lowest sell price is $150,000" -> encryption algorithm -> unreadable ciphertext -> decryption algorithm -> "Our lowest sell price is $150,000"]

  • Network Authentication

    Authentication
      Proving who you are
      Done by providing credentials, i.e., user name and password
      Credentials rarely passed in plaintext

    Common remote access protocols
      PAP: Password Authentication Protocol (clear text)
        Rarely used
      CHAP: Challenge Handshake Authentication Protocol
        Most popular
      MS-CHAP: Microsoft CHAP
        Popular with Microsoft applications
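Added example, not part of the original slides: the difference between PAP and CHAP from the slide above, with both sides of a CHAP exchange following the RFC 1994 response calculation. The user name "rita", the shared secret and the `Authenticator` class are constructed for illustration.

```python
"""PAP vs CHAP (RFC 1994) in miniature; names and secrets are constructed."""
import hashlib
import hmac
import os


def pap_request_data(name: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request data: the password itself crosses the link."""
    return bytes([len(name)]) + name + bytes([len(password)]) + password


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP response value: MD5(identifier octet || shared secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """Server side of CHAP: issues random challenges and checks responses."""

    def __init__(self, secrets: dict[str, bytes]):
        self.secrets = secrets
        self.pending: dict[int, bytes] = {}
        self.next_id = 0

    def challenge(self) -> tuple[int, bytes]:
        ident, self.next_id = self.next_id, (self.next_id + 1) % 256
        self.pending[ident] = os.urandom(16)
        return ident, self.pending[ident]

    def verify(self, name: str, ident: int, response: bytes) -> bool:
        value = self.pending.pop(ident, None)  # each challenge is single use
        secret = self.secrets.get(name)
        if value is None or secret is None:
            return False
        expected = chap_response(ident, secret, value)
        return hmac.compare_digest(expected, response)


if __name__ == "__main__":
    server = Authenticator({"rita": b"constructed-secret"})
    ident, value = server.challenge()                           # server -> client
    reply = chap_response(ident, b"constructed-secret", value)  # client -> server
    print("CHAP accepted:", server.verify("rita", ident, reply))
    print("replay accepted:", server.verify("rita", ident, reply))
    print("PAP on the wire:", pap_request_data(b"rita", b"constructed-secret"))
```

With CHAP only the random challenge and a digest cross the link, and a captured response is useless against the next challenge; with PAP the captured bytes contain the password itself.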

  • Encryption

    Dial-up encryption

    Set on the server

    Data encryption

    Multiple protocols possible

    Microsoft method of choice is IPSec (IP Security)

  • Application Encryption

    Many applications can use other protocols to encrypt data
      On the Web, HTTPS commonly used
      Use digital certificates
      Certificates issued by trusted authorities
      Trusted authorities added to Web browsers
      Invalid certificates can be cleared from cache

  • Wireless Issues

    Set up wireless encryption
      WEP, WPA, or preferably WPA2

    Have clients use static address
      If you must use DHCP, limit available addresses

    Change default SSID
      And disable SSID broadcast

    Filter by MAC addresses

    Change default user name and passwords

    Turn on WAP firewall

  • Reporting

    Event Viewer
      Application
      Security
      System

  • Event Viewer

    Can view errors that a user saw and forgot

    Can get help with errors by clicking the Microsoft link

  • Reporting

    Auditing
      Event auditing: logs events
      Object access auditing: logs resource access
      Someone else will set up, but you need to be aware of the policies

    Incidence reporting
      When events occur, you need to report them
      Supervisors and/or managers may have more information
      Reporting one seemingly innocuous event may help the supervisor solve a bigger problem

  • Beyond A+

    Security in Windows Vista

    User Account