- Name ________________________________________________________ Date __________________
- Chapter 12: Security
- After completion of this chapter, students should be able to:
- Explain why security is important and describe security threats.
- Explain social engineering, data wiping, hard drive destruction and recycling.
- Identify security procedures.
- Explain what is required in a basic security policy and describe ways to protect data.
- Describe wireless security techniques.
- Explain the tasks required to protect physical equipment.
- Identify common preventive maintenance techniques for security.
- Explain measures to maintain operating systems, backup data, configure firewalls, and maintain accounts.
- Apply the six steps of the troubleshooting process to security.
- 12.0 Security
- 1. What are the two general types of threats to computer security? Give examples of each.
- Physical and Data
- 12.1 Security Threats
- 2. What is Malware and what does it do?
- Malware is any software created to perform malicious acts. The word malware is an abbreviation of malicious software.
- 3. How is malware typically installed?
- On a computer without the knowledge of the user.
- 4. What is a Trojan threat and where are they found?
- A Trojan horse usually looks like a useful program but it carries malicious code
- 5. Trojans are often disguised as what?
- Trojan horses are often provided with free online games
- 6. How much do computer viruses cost business annually? (search this)
- $55 billion per year
- 7. Explain what virus protection software is and what it does.
- Antivirus or anti-virus software (often abbreviated as AV), sometimes known as anti-malware software, is computer software used to prevent, detect and remove malicious software. Antivirus software was originally developed to detect and remove computer viruses, hence the name.
- 8. Differentiate the following types of Malware:
- a. Worms
- A worm is a self-replicating program that is harmful to networks with the intent to slow or disrupt network operations
- Worms typically spread automatically by exploiting known vulnerabilities in legitimate software.
- b. Adware
- Usually distributed by downloading online software
- It displays advertising on your computer most often as in a pop-up window
- Adware pop-up windows are sometimes difficult to control and open new windows faster than users can control them
- c. Spyware
- Similar to adware but used to gather information about a user and send the information to another entity, without the user’s consent.
- Spyware can be low threat, gathering browsing data, or it can be high threat, where personal or financial information is gathered.
- d. Ransomware
- e. Rootkits
- 12.1.1.2 Activity – Identify Malware Types Instructor Check _____________
- 9. Explain what phishing is and give an example:
- Phishing is when a malicious party sends an email, calls on the phone, or places a text with the intent to trick the recipient into providing personal or financial information
- 10. What is SPAM and what threat can it pose?
- Spam, also known as junk mail, is unsolicited email. In most cases, spam is used as a method of advertising
- 11. What are some of the indicators of SPAM?
- An email has no subject line.
- An email is requesting an update to an account.
- The email is filled with misspelled words or strange punctuation.
- Links within the email are long and/or cryptic.
- An email is disguised as correspondence from a legitimate business.
- The email requests that you open an attachment.
- 12. Explain these common attacks:
- SYN Flood
- A SYN request is the initial communication sent to establish a TCP connection. A SYN flood attack randomly opens TCP ports at the source of the attack and ties up the network equipment or computer with a large amount of false SYN requests
- DoS
- DoS is a type of attack that creates an abnormally large amount of requests to network servers, such as email or web servers. The goal of the attack is to completely overwhelm the server with false requests creating a denial of service for legitimate users.
- DDoS
- A DDoS attack is like a DoS attack but is created using many more computers, sometimes in the thousands, to launch the attack.
- Spoofing
- In a spoofing attack, a computer pretends to be a trusted computer to gain access to resources. The computer uses a forged IP or MAC address to impersonate a computer that is trusted on the network.
- Man-in-the-Middle
- An attacker performs a man-in-the-middle (MitM) attack by intercepting communications between computers to steal information transiting through the network
- Replay
- To perform a replay attack, data transmissions are intercepted and recorded by an attacker. These transmissions are then replayed to the destination computer
- DNS Poisoning
- DNS records on a system are changed to point to imposter servers. The user attempts to access a legitimate site, but traffic is diverted to an imposter site.
- 12.1.1.6 Activity – Identify the TCP/IP Attacks Instructor Check ____________
- 13. What does the term zero-hour describe?
- A zero-day attack, sometimes referred to as a zero-day threat, is a computer attack that tries to exploit software vulnerabilities that are unknown or undisclosed by the software vendor
- 14. A social engineer is a person who is able to gain access to equipment or a network by tricking people into providing the necessary access information.
- 15. Basic precautions to help protect against social engineering include:
- Never give out your login credentials (e.g., username, password, PIN).
- Never post credential information in your work area.
- Lock your computer when you leave your desk.
- 12.2 Security Policy
- 16. Explain what is a security policy and why is it needed?
- A security policy is a set of security objectives that ensure the security of a network, the data, and the computer systems in an organization
- 17. What questions should you ask to determine security policy factors?
- Which assets require protection?
- What are the possible threats?
- What to do in the event of a security breach?
- What training will be in place to educate the end users?
- 18. What six elements should be included in a security policy?
- Identification and Authentication Policies
- Password Policies
- Acceptable Use Policies
- Remote Access Policies
- Network Maintenance Policies
- Incident Handling Policies
- 19. What do most networks that use Windows computers use to maintain policy?
- Active Directory
- 20. What security problem is created when people use each other’s password to log-in?
- Privacy problem
- 21. Explain the three levels of password protection that are recommended:
- BIOS – Prevents the operating system from booting and the BIOS settings from being changed without the appropriate password.
- Login – Prevents unauthorized access to the local computer.
- Network – Prevents access to network resources by unauthorized personnel.
- 22. List and explain four good password guidelines/requirements:
- 23. How can an Administrator enforce password requirements using the system?
- They can set minimal length, complexity
- 24. What can be used to prevent a “brute force” attack?
- Use the Account Lockout Policy in Account Policies to prevent brute-force login attempts.
- 25. What password protection can be done on a local machine?
- To prevent unauthorized users from accessing local computers and network resources, lock your workstation, laptop, or server when you are not present.
- 26. Can local policy be automated, and if so, how?
- You can copy and export it
- 12.2.1.8 Lab – Configure Windows Local Security Policy
- 27. How can I limit the impact of malicious ActiveX controls on websites?
- ActiveX filtering
- 28. What is a pop-up and how can you limit their impact?
- A pop-up is a web browser window that opens on top of another web browser window. Some pop-ups are initiated while browsing, such as a link on a page that opens a pop-up to deliver additional information or a close-up of a picture
- 29. What is a SmartScreen filter?
- This feature detects phishing websites, analyzes websites for suspicious items, and checks downloads against a list which contains sites and files that are known to be malicious.
- 30. What does InPrivate browsing prevent the browser from doing, and what are two ways to activate it in Internet Explorer?
- It helps prevent web browsers from storing:
- Usernames
- Passwords
- Cookies
- Browsing history
- Temporary Internet files
- Form data
- 31. What is a software firewall and how does it work?
- A software firewall is a program that runs on a computer to allow or deny traffic between the computer and other computers to which it is connected. The software firewall applies a set of rules to data transmissions through inspection and filtering of data packets
- 32. Where can you get a firewall for Windows 7?
- Step 1. Control Panel > Windows Firewall > Advanced settings.
- Step 2. Choose to configure either Inbound Rules or Outbound Rules in the left pane and click New Rule… in the right pane, as shown in Figure 2.
- Step 3. Select the Port radio button and click Next.
- Step 4. Choose TCP or UDP.
- Step 5. Choose All local ports or Specific local ports to define individual ports or a port range and click Next.
- Step 6. Choose Block the connection and click Next.
- Step 7. Choose when the rule applies and click Next.
- Step 8. Provide a name and optional description for the rule and click Finish.
- 33. What do biometric devices use to give access to people? Give one example
- Biometric security compares physical characteristics against stored profiles to authenticate people
- Example: fingerprint scanners
- 34. What makes a “smart card” operate?
- a small chip embedded in it.
- 35. Where are data backups kept and why?
- A data backup stores a copy of the information on a computer to removable backup media that can be kept in a safe place. Backing up data is one of the most effective ways of protecting against data loss.
- 36. What are some considerations for data backups?
- Data backups should be performed on a regular basis and included in the security policy. Data backups are usually stored offsite to protect the backup media if anything happens to the main facility
- 37. What is meant by the “Principle of Least Privilege”?
- Users should be limited to only the resources they need in a computer system or on a network.
- 38. Complete the following chart on folder permission levels:
- Level – Description
- Full – Users can see the contents of a file or folder, change and delete existing files and folders, create new files and folders, and run programs in a folder
- Modify – Users can change and delete existing files and folders, but cannot create new ones
- Read and Execute – Users can see the contents of existing files and folders and can run programs in a folder
- Read – Users can see the contents of a folder and open files and folders
- Write – Users can create new files and folders and make changes to existing files and folders
- 39. How does data encryption work on a drive?
- Encryption is where data is transformed using a complicated algorithm to make it unreadable.
- 40. How can the BitLocker application be used?
- To use BitLocker, at least two volumes must be present on a hard disk. A system volume is left unencrypted and must be at least 100 MB. This volume holds the files required by Windows to boot.