BotheredTiger7

ITE ch. 12 p1

May 22nd, 2017
Name ________________________________________________________ Date __________________

Chapter 12: Security
After completion of this chapter, students should be able to:
Explain why security is important and describe security threats.
Explain social engineering, data wiping, hard drive destruction and recycling.
Identify security procedures.
Explain what is required in a basic security policy and describe ways to protect data.
Describe wireless security techniques.
Explain the tasks required to protect physical equipment.
Identify common preventive maintenance techniques for security.
Explain measures to maintain operating systems, backup data, configure firewalls, and maintain accounts.
Apply the six steps of the troubleshooting process to security.

12.0 Security
1. What are the two general types of threats to computer security? Give examples of each.

Physical and Data

12.1 Security Threats
2. What is malware and what does it do?

Malware is any software created to perform malicious acts. The word malware is an abbreviation of malicious software.

3. How is malware typically installed?

On a computer without the knowledge of the user.

4. What is a Trojan threat and where are they found?
A Trojan horse usually looks like a useful program but it carries malicious code.
5. Trojans are often disguised as what?
Trojan horses are often provided with free online games.
6. How much do computer viruses cost business annually? (search this)
$55 billion per year
7. Explain what virus protection software is and what it does.
Antivirus or anti-virus software (often abbreviated as AV), sometimes known as anti-malware software, is computer software used to prevent, detect and remove malicious software. Antivirus software was originally developed to detect and remove computer viruses, hence the name.

8. Differentiate the following types of malware:
a. Worms
A worm is a self-replicating program that is harmful to networks, with the intent to slow or disrupt network operations.
Worms typically spread automatically by exploiting known vulnerabilities in legitimate software.

b. Adware
Usually distributed by downloading online software.
It displays advertising on your computer, most often in a pop-up window.
Adware pop-up windows are sometimes difficult to control and open new windows faster than users can control them.

c. Spyware
Similar to adware but used to gather information about a user and send the information to another entity, without the user’s consent.

Spyware can be low threat, gathering browsing data, or it can be high threat, where personal or financial information is gathered.
d. Ransomware


e. Rootkits

12.1.1.2 Activity – Identify Malware Types Instructor Check _____________
9. Explain what phishing is and give an example:
Phishing is when a malicious party sends an email, calls on the phone, or places a text with the intent to trick the recipient into providing personal or financial information.

10. What is spam and what threat can it pose?
Spam, also known as junk mail, is unsolicited email. In most cases, spam is used as a method of advertising.

11. What are some of the indicators of spam?
An email has no subject line.
An email is requesting an update to an account.
The email is filled with misspelled words or strange punctuation.
Links within the email are long and/or cryptic.
An email is disguised as correspondence from a legitimate business.
The email requests that you open an attachment.

12. Explain these common attacks:

SYN Flood
A SYN request is the initial communication sent to establish a TCP connection. A SYN flood attack randomly opens TCP ports at the source of the attack and ties up the network equipment or computer with a large amount of false SYN requests.

DoS
DoS is a type of attack that creates an abnormally large amount of requests to network servers, such as email or web servers. The goal of the attack is to completely overwhelm the server with false requests, creating a denial of service for legitimate users.

DDoS
A DDoS attack is like a DoS attack but is created using many more computers, sometimes in the thousands, to launch the attack.

Spoofing
In a spoofing attack, a computer pretends to be a trusted computer to gain access to resources. The computer uses a forged IP or MAC address to impersonate a computer that is trusted on the network.

Man-in-the-Middle
An attacker performs a man-in-the-middle (MitM) attack by intercepting communications between computers to steal information transiting through the network.

Replay
To perform a replay attack, data transmissions are intercepted and recorded by an attacker. These transmissions are then replayed to the destination computer.

DNS Poisoning
DNS records on a system are changed to point to imposter servers. The user attempts to access a legitimate site, but traffic is diverted to an imposter site.

12.1.1.6 Activity – Identify the TCP/IP Attacks Instructor Check ____________

13. What does the term zero-hours describe?

A zero-day attack, sometimes referred to as a zero-day threat, is a computer attack that tries to exploit software vulnerabilities that are unknown or undisclosed by the software vendor.

14. A social engineer is a person who is able to gain access to equipment or a network by tricking people into providing the necessary access information.

15. Basic precautions to help protect against social engineering include:

Never give out your login credentials (e.g., username, password, PIN).
Never post credential information in your work area.
Lock your computer when you leave your desk.

12.2 Security Policy
16. Explain what a security policy is and why it is needed.

A security policy is a set of security objectives that ensure the security of a network, the data, and the computer systems in an organization.

17. What questions should you ask to determine security policy factors?

Which assets require protection?
What are the possible threats?
What to do in the event of a security breach?
What training will be in place to educate the end users?

18. What six elements should be included in a security policy?

Identification and Authentication Policies
Password Policies
Acceptable Use Policies
Remote Access Policies
Network Maintenance Policies
Incident Handling Policies

19. What do most networks that use Windows computers use to maintain policy?

Active Directory

20. What security problem is created when people use each other’s password to log in?

Privacy problem

21. Explain the three levels of password protection that are recommended:

BIOS – Prevents the operating system from booting and the BIOS settings from being changed without the appropriate password.
Login – Prevents unauthorized access to the local computer.
Network – Prevents access to network resources by unauthorized personnel.

22. List and explain four good password guidelines/requirements:


23. How can an administrator enforce password requirements using the system?
They can set minimum length and complexity.

24. What can be used to prevent a “brute force” attack?

Use the Account Lockout Policy in Account Policies to prevent brute-force login attempts.
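
Added example (not part of the original worksheet): a simplified Python model of how an account lockout policy stops rapid password guessing without locking out a user who mistypes occasionally. The three settings are named after the Windows Account Lockout Policy options; the values, function names and sample events are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class LockoutPolicy:
    # Named after the three Account Lockout Policy settings; values are illustrative.
    threshold: int = 5            # "Account lockout threshold" (failed logons)
    duration_min: float = 30      # "Account lockout duration" (minutes)
    reset_after_min: float = 30   # "Reset account lockout counter after" (minutes)

@dataclass
class Account:
    failures: list = field(default_factory=list)  # minutes at which recent bad logons occurred
    locked_until: float = -1.0

def attempt(policy, acct, now, password_ok):
    """Return 'locked', 'denied' or 'granted' for one logon attempt at minute `now`."""
    if now < acct.locked_until:
        return "locked"  # while locked, even the correct password is refused
    # Failures older than the reset window no longer count toward the threshold.
    acct.failures = [t for t in acct.failures if now - t < policy.reset_after_min]
    if password_ok:
        acct.failures.clear()
        return "granted"
    acct.failures.append(now)
    if len(acct.failures) >= policy.threshold:
        acct.locked_until = now + policy.duration_min
        acct.failures.clear()
    return "denied"

def replay(policy, events):
    """Run a list of (minute, password_ok) events against a fresh account."""
    acct = Account()
    return [attempt(policy, acct, now, ok) for now, ok in events]

# Constructed sample events: (minute, password_correct)
BRUTE_FORCE = [(0, False), (0.1, False), (0.2, False), (0.3, False), (0.4, False),
               (0.5, False), (0.6, True), (31, True)]
SLOW_TYPO_USER = [(0, False), (40, False), (80, False), (120, False), (160, False), (161, True)]

if __name__ == "__main__":
    policy = LockoutPolicy()
    print(replay(policy, BRUTE_FORCE))
    print(replay(policy, SLOW_TYPO_USER))
```

The rapid sequence is locked after the fifth failure, so the correct guess at minute 0.6 is still refused; the occasional mistakes are spaced wider than the reset window and never trigger a lockout.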

25. What password protection can be done on a local machine?

To prevent unauthorized users from accessing local computers and network resources, lock your workstation, laptop, or server when you are not present.

26. Can local policy be automated, and if so, how?

You can copy and export it.

12.2.1.8 Lab – Configure Windows Local Security Policy
27. How can I limit the impact of malicious ActiveX controls on websites?
ActiveX filtering

28. What is a pop-up and how can you limit their impact?
A pop-up is a web browser window that opens on top of another web browser window. Some pop-ups are initiated while browsing, such as a link on a page that opens a pop-up to deliver additional information or a close-up of a picture.

29. What is a SmartScreen filter?
This feature detects phishing websites, analyzes websites for suspicious items, and checks downloads against a list which contains sites and files that are known to be malicious.

30. What does InPrivate browsing prevent the browser from doing, and what are two ways you activate it in Internet Explorer?

It prevents the web browser from storing:
Usernames
Passwords
Cookies
Browsing history
Temporary Internet files
Form data

31. What is a software firewall and how does it work?

A software firewall is a program that runs on a computer to allow or deny traffic between the computer and other computers to which it is connected. The software firewall applies a set of rules to data transmissions through inspection and filtering of data packets.

32. Where can you get a firewall for Windows 7?

Step 1. Control Panel > Windows Firewall > Advanced settings.
Step 2. Choose to configure either Inbound Rules or Outbound Rules in the left pane and click New Rule… in the right pane, as shown in Figure 2.
Step 3. Select the Port radio button and click Next.
Step 4. Choose TCP or UDP.
Step 5. Choose All local ports or Specific local ports to define individual ports or a port range and click Next.
Step 6. Choose Block the connection and click Next.
Step 7. Choose when the rule applies and click Next.
Step 8. Provide a name and optional description for the rule and click Finish.

33. What do biometric devices use to give access to people? Give one example.

Biometric security compares physical characteristics against stored profiles to authenticate people.
Example: fingerprint scanners

34. What makes a “smart card” operate?

A small chip embedded in it.

35. Where are data backups kept and why?

A data backup stores a copy of the information on a computer to removable backup media that can be kept in a safe place. Backing up data is one of the most effective ways of protecting against data loss.

36. What are some considerations for data backups?
Data backups should be performed on a regular basis and included in the security policy. Data backups are usually stored offsite to protect the backup media if anything happens to the main facility.

37. What is meant by the “Principle of Least Privilege”?

Users should be limited to only the resources they need in a computer system or on a network.

38. Complete the following chart on folder permission levels:
Level – Description
Full – Users can see the contents of a file or folder, change and delete existing files and folders, create new files and folders, and run programs in a folder.
Modify – Users can change and delete existing files and folders, but cannot create new ones.
Read and Execute – Users can see the contents of existing files and folders and can run programs in a folder.
Read – Users can see the contents of a folder and open files and folders.
Write – Users can create new files and folders and make changes to existing files and folders.

39. How does data encryption work on a drive?

Encryption is where data is transformed using a complicated algorithm to make it unreadable.

40. How can the BitLocker application be used?

To use BitLocker, at least two volumes must be present on a hard disk. A system volume is left unencrypted and must be at least 100 MB. This volume holds the files required by Windows to boot.