Microsoft Office Access 2003 Training

About This Presentation

Title:

Microsoft Office Access 2003 Training

Description:

Change the Access macro security level and options to the settings that work best for you. ... sandbox mode, and see how it helps you work more safely in Access. ... – PowerPoint PPT presentation

Number of Views:106

Avg rating:3.0/5.0

Slides: 82

Provided by: granite6

Category:

more less

Transcript and Presenter's Notes

Title: Microsoft Office Access 2003 Training

1
Microsoft Office Access 2003 Training
Your STS, Tom Redd, presents

Introduction to security

2
Course contents

Overview Take steps to protect your data
Lesson 1 Viruses, dangerous code, and the macro
security level
Lesson 2 Access sandbox mode
Lesson 3 Working with digitally signed files

One lesson includes a list of suggested tasks,
and all have a set of test questions.
3
Overview Take steps to protect your data

Help protect your data and your computer from
intruders, corruption, and loss. Start by using
antivirus software. Also

Choose an appropriate macro security level.

Enable an important Microsoft Office Access
environment called sandbox mode.

And work with digitally signed files.

4
Course goals

Change the Access macro security level and
options to the settings that work best for you.
Understand the security warning messages you'll
encounter in Access and how to work with them to
help protect your data.
Install and enable sandbox mode, and see how it
helps you work more safely in Access.

5
Lesson 1

Viruses, dangerous code, macro security levels

6
Viruses, dangerous code, macro security levels

Whether you are a home user or part of a large
organization, losing your data or suffering from
computer downtime can cost you valuable time and
money.
Learn about potential security risks and how to
help prevent them.

7
Viruses, dangerous code, macro security levels

Running antivirus software and being careful
about which files you open can help protect you.

8
Viruses, dangerous code, macro security levels

Your database or computer can be attacked or
damaged by many sources

Viruses attached to files and e-mail messages
Files downloaded from the Web
Network worms
Programming code that uses commands available
inside Access

9
About viruses and dangerous code

Viruses are destructive programs that can act as
program files, or attach themselves to
innocent-looking files and corrupt them.

Viruses and dangerous code have many sources.
10
About viruses and dangerous code

Computer viruses and malicious (destructive) code
can corrupt your data or even take control of
your computer.

Viruses and dangerous code have many sources.
11
About viruses and dangerous code

Antivirus software can help detect viruses and
stop them in their tracks before they can run.
But you need to work as a team with your
antivirus program to achieve the best results

Keep your antivirus software up to date.
Manually scan downloaded files.
Be careful about which files you open or run.

Viruses and dangerous code have many sources.
12
About viruses and dangerous code

Dangerous code is not necessarily a virus, but
can consist of powerful commands that may exist
in an Access file you open in its objects (such
as queries, forms, reports, and macros) or in its
Microsoft Visual Basic for Applications (VBA)
modules.

Viruses and dangerous code have many sources.
13
About viruses and dangerous code

You can prevent some potentially dangerous code
from running by running Access in sandbox mode,
which is strongly recommended.

Viruses and dangerous code have many sources.
14
How the macro security levels work

Access features three different macro security
levels that control what happens when you first
try to open a database file and what can then
happen while you have that database open.
These levels are

High
Medium
Low

Security dialog box
15
How the macro security levels work

To set the macro security level in Access, click
an option on the Security Level tab of the
Security dialog box.

Security dialog box
16
How the macro security levels work
The effect for each security level setting is as
follows

At the High macro security level, you cannot open
any file in Access unless it is digitally
signed.

You get this message.
Security dialog box
17
How the macro security levels work

At the Medium macro security level, Access
prompts you with a message when you first open a
file.

This message warns you that the file could
contain code that might damage your computer or
data, and gives you the choice of opening the
file.
Security dialog box
18
How the macro security levels work

At the Low macro security level, you can open any
database file in Access without being prompted.

We recommend that you never use the Low macro
security level.
Security dialog box
19
More about the macro security level

The macro security level for each Microsoft
Office program is independent of all other Office
programs.

20
More about the macro security level

Choose one of the three macro security levels
that fits your work environment.

In Access, it is recommended that you choose
High.
21
More about the macro security level

If you need to work with unsigned files from
other sources, you can use the Medium macro
security level.

Always examine such files and sources carefully
before choosing to enable any macros.
Change back to High when you no longer need to
use the Medium level.

22
More about the macro security level

If you use only your own files in Access, you
should self-sign these files and use the High
macro security level.

23
More about the macro security level

We routinely use phrases such as help protect
or probably feel safe because theres no such
thing as absolute security.

But you can greatly decrease the chance of a
catastrophic security breach by doing the
following
24
More about the macro security level

Use common sense
Run antivirus software
Choose strong security options
Work with digitally signed files

25
If you dont see the Security command

To change the macro security level in Access, use
the Security command.

On the Tools menu, select the Macro submenu.

The Security command, on the Macro submenu
26
Suggestions for practice

Change the macro security level to High.
Change the macro security level to Medium.

Online practice (requires Access 2003)
27
After you complete the practice

We strongly recommend that you run Access at the
High macro security level.
After completing the practice, make sure that you
set the macro security level to High. If you need
to work with unsigned files from other sources,
you can use the Medium macro security level to do
that however, you should always examine such
files and sources carefully before choosing to
enable any macros, and change back to High when
you no longer need to use the Medium macro
security level. If you use only your own files in
Access, you should self-sign your files and use
the High macro security level.

28
Test 1, question 1

In Access, using the Low macro security level
will protect you against (Pick one answer.)

Dangerous code embedded in your VBA modules.
Computer viruses infecting your database.
Nothing.

29
Test 1, question 1 Answer

Nothing.

We strongly recommend that you avoid using the
Low security level in all cases.
30
Test 1, question 2

You change the macro security level in Access by
(Pick one answer.)

Clicking either OK or Cancel in the dialog box
when you open a file.
Setting the level in the Security dialog box.
Selecting a startup option.

31
Test 1, question 2 Answer

Setting the level in the Security dialog box.

It's an option you set once then it's applied
every time you use Access.
32
Test 1, question 3

By using common sense, running antivirus
software, choosing strong security options, and
working with digitally signed files, you should
feel completely secure when working in Access.
(Pick one answer.)

True.
False.

33
Test 1, question 3 Answer

False.

By taking this course, you are on your way to
working more securely in Access, but absolute
security is never a certainty.
34
Lesson 2

Access sandbox mode

35
Access sandbox mode

For an additional layer of safety while working
in Access, you can run the program in sandbox
mode.
Running in sandbox mode helps ensure that any
potentially dangerous commands that could be run
from an Access expression will be blocked.

36
How sandbox mode protects your computer

In Access, its possible to run dangerous VBA
code in expressions strings of instructions
that Access can use to perform operations on your
database.

Sandbox mode protects against harmful commands
37
How sandbox mode protects your computer
Potentially dangerous expressions can include
commands and properties that could

Delete files
Change file attributes
Start other programs
Change Access settings
Change environment settings (such as the PATH
statement)

Sandbox mode protects against harmful commands
38
How sandbox mode protects your computer
Running Access in sandbox mode helps prevent
dangerous code from being run in expressions.
Sandbox mode protects against harmful commands
39
The Jet 4.0 Service Pack 8 update

To run Access in sandbox mode, first install the
Service Pack 8 (SP8) update for Microsoft Jet
4.0.
Jet 4.0 is a program that Access uses behind the
scenes for many of its operations, such as
running queries and updates.

40
The Jet 4.0 Service Pack 8 update

Jet Database Engine 4.0 Service Pack 8 (SP8) is
part of a critical Windows update.

To install the update

On Microsoft.com, click Windows Update in the
left column.
Install all high-priority and critical Windows
updates.

41
The Jet 4.0 Service Pack 8 update

Before you do this, determine if the Jet 4.0 SP8
update is already installed on your computer.

Look in the Add or Remove Programs section of
Control Panel.
If you have installed the Service Pack 2 (SP2)
update for Windows XP, make sure that the Show
updates check box is selected at the top of the
Add or Remove Programs window.

42
The Jet 4.0 Service Pack 8 update

Before you do this, determine if the Jet 4.0 SP8
update is already installed on your computer.

If you find the Windows Hotfix KB837001 or
KB829558, the Jet 4.0 SP8 update has been
installed.

43
The Jet 4.0 Service Pack 8 update

Important Remember that this update to the Jet
engine is a vital part of security in Access, and
should be installed for every computer that runs
Access.

44
After you have installed the Jet update

When you start Access for the first time after
installing the Jet 4.0 SP8 update, and Access is
set to either the Medium or High macro security
level, you will see the message shown on the
left.
Click Yes to block unsafe expressions and run
Access in sandbox mode.

Click Yes to block unsafe expressions.
45
After you have installed the Jet update

Assuming that you are running Access at the High
or Medium macro security level, you're all set
and you should not see any more messages about
sandbox mode unless you change the macro security
level and explicitly choose to allow blocked
expressions.

Click Yes to block unsafe expressions.
46
After you have installed the Jet update

If your macro security level is set to Low, you
won't be prompted about blocking unsafe
expressions when you start Access for the first
time after installing the Jet update.

Only when you change the macro security level to
Medium or High will you see the message shown on
the left. Change your macro security level to
Medium or High, and then click Yes to block
unsafe expressions.
Click Yes to block unsafe expressions.
47
After you have installed the Jet update

While this message does not actually mention
"sandbox mode" at all, just understand that
choosing to block unsafe expressions is sandbox
mode.

By clicking Yes, you are choosing to block unsafe
expressions and therefore to run Access in
sandbox mode.
Click Yes to block unsafe expressions.
48
Test 2, question 1

Sandbox mode can best be described as an
environment where (Pick one answer.)

Access and other Office programs can work safely
with each other.
Interaction between Access and any other Office
program is not allowed.
Certain potentially dangerous commands cannot be
run from Access.

49
Test 2, question 1 Answer

Certain potentially dangerous commands cannot be
run from Access.

Sandbox mode prevents certain potentially
destructive commands from running in Access.
50
Test 2, question 2

Sandbox mode is related to the macro security
level in the following way (Pick one answer.)

There is a one-to-one correspondence between the
state of sandbox mode and the macro security
level.
Changing the macro security level lets you decide
whether sandbox mode is enabled.
If your macro security level is set to High,
sandbox mode must be enabled.

51
Test 2, question 2 Answer

Changing the macro security level lets you decide
whether sandbox mode is enabled.

When you change the macro security level from Low
to either Medium or High, Access will ask you if
you want to block unsafe expressions by running
Access in sandbox mode.
52
Test 2, question 3

Running Access in sandbox mode will prevent
(Pick one answer.)

Many dangerous commands from running in
expressions.
Many dangerous macro commands from running.
Dangerous VBA code from running.

53
Test 2, question 3 Answer

Many dangerous commands from running in
expressions.

For example, you can't delete files, format your
hard disk drive, or rename folders.
54
Lesson 3

Working with digitally signed files

55
Working with digitally signed files

Wondering which data you can trust? Wondering how
you can verify the integrity of the files that
you open?
Working only with digitally signed files is a
good practice that can help protect your database
environment.

A digital signature helps assure who originated
and signed that file.
56
About digital signatures and trusted publishers

Digital signatures can be issued by a
certificate authority.
A certificate authority is a third-party
organization that issues certificates used to
digitally sign files.

Digital certificate Can you trust it?
57
About digital signatures and trusted publishers

You can also create digital certificates for your
own use or for use within a small, closely
trusted group.

These are called self-signed certificates.
Digital certificate Can you trust it?
58
About digital signatures and trusted publishers

When you explicitly trust a particular signer of
files, you can add that person or company to your
computer as a trusted publisher.

A trusted publisher is someone who is known by
you or by your company to be reputable.
Digital certificate Can you trust it?
59
About digital signatures and trusted publishers

Although an entity (such as a software company or
a consultant) may have a digital certificate from
a certificate authority, that certificate means
nothing until you do one of the following

Digital certificate Can you trust it?
60
About digital signatures and trusted publishers

Open the file (Medium macro security level).

Or
Add the owner of that certificate to the list of
trusted publishers on your computer (High or
Medium macro security level).

Digital certificate Can you trust it?
61
Digital signatures and macro security level

Consider two major factors when deciding whether
to accept a digitally signed file

The macro security level setting in Access
What actions you will take when you open the file

Access warning, Medium macro security level
62
Digital signatures and macro security level

At the Medium macro security level, when you open
a digitally signed file for the first time, you
can either

Click Open, and open that file right away.
Or
Permanently add its signer to your list of
trusted publishers.

Access warning, Medium macro security level
63
Digital signatures and macro security level

At the High macro security level, things are
buttoned down a bit more tightly

To be opened, any file must be digitally signed
(no exceptions).
You must accept the digital signature and
permanently add its signer to your list of
trusted publishers.

Access warning, High macro security level
64
Digital signatures and macro security level

In Access, unlike most other Office programs, you
can't open a file that has no digital signature
at the High macro security level.

Its different in Microsoft Excel and Word.
Access warning, High macro security level
65
Digital signatures and macro security level

You can verify the authenticity of a digital
signature by inspecting its certificate through
your Web browser.

The unsigned file warning, High macro security
level
66
Summing it up The safer, the better

In general, when you receive a digitally signed
file from a trusted entity, you can feel
reasonably confident the file is safe.
This is primarily due to two things

Has this Access file lost its digital signature,
or has it never been signed?
67
Summing it up The safer, the better

To digitally sign a file, you must have what is
known as the "private key" for the signature
the private key allows you to add its unique
signature to a file.

Thus, if someone without the private key changes
a signed file by making potentially dangerous
changes, the digital signature will become
invalid and will be removed from the file.

Has this Access file lost its digital signature,
or has it never been signed?
68
Summing it up The safer, the better

Caution At the Medium macro security level in
Access, when you open a digitally signed file
that has lost its signature, the standard
security warning message for the Medium level
displays (see the picture at left), as if the
file had never been signed at all.

Has this Access file lost its digital signature,
or has it never been signed?
Exercise great care when you consider opening any
file that's not signed.
69
Summing it up The safer, the better

Before you open a file that has lost its
signature, you should exercise extreme caution.
You can

Run a virus scan
Notify the publisher that the signature for the
file is no longer valid
Or
Retrieve a backup version of the file

Has this Access file lost its digital signature,
or has it never been signed?
70
Summing it up The safer, the better

In summary, at the Medium and High macro security
levels, when you open a file that has a digital
signature from a trusted publisher, you wont be
prompted with any security warnings.

Has this Access file lost its digital signature,
or has it never been signed?
If you do see a warning, this indicates the file
may have been changed by an unauthorized party or
is corrupted.
71
Summing it up The safer, the better

It is recommended that you operate at the High
macro security level.

If you need to work with unsigned files from
other sources, you can use the Medium macro
security level to do that.
Has this Access file lost its digital signature,
or has it never been signed?
72
Summing it up The safer, the better

At the Medium macro security level, when you open
a file with a signature that you have not yet
added as a trusted publisher, the warning message
from Access should cause you to think about which
files you can trust.

Has this Access file lost its digital signature,
or has it never been signed?
73
Test 3, question 1

Which of the following is true about opening
files in Access? (Pick one answer.)

You can open all files by clearing the Only open
files from the trusted publishers list check box.
You can selectively open a digitally signed file
by adding the file to the trusted publishers
list.
You can open only digitally signed files from a
trusted publisher at the High macro security
level.

74
Test 3, question 1 Answer

You can open only digitally signed files from a
trusted publisher at the High macro security
level.

We strongly recommend that you work in Access at
the High macro security level.
75
Test 3, question 2

To selectively open digitally signed files, you
would (Pick one answer.)

Run Access at the High macro security level after
adding the files signer as a trusted publisher.
Run Access at the Medium macro security level,
but not add the file's signer as a trusted
publisher.
Run Access at the Medium macro security level
after adding the files signer as a trusted
publisher.

76
Test 3, question 2 Answer

Run Access at the Medium macro security level,
but not add the file's signer as a trusted
publisher.

Although the High macro security level is the
most secure, the Medium level does allow you more
flexibility about which files to open.
77
Test 3, question 3

One reason why you might want to work only with
digitally signed files is (Pick one answer.)

You can choose to run Access safely at the Low
macro security level.
You can choose to run Access at the High macro
security level, where a digital signature is
required to open any file.
You can have complete confidence that all
digitally signed files are safe.

78
Test 3, question 3 Answer

You can choose to run Access at the High macro
security level, where a digital signature is
required to open any file.

Working in Access at the High macro security
level and requiring digital signatures help make
your computer and your database files more secure.
79
Test 3, question 4

When code in a digitally signed file is changed
by a user without the private key (Pick one
answer.)

Access warns the next user who opens the file
that it has been changed by an unauthorized user.
Access wont open the file until it is re-signed.
Access removes the signature from the file, and
you can't open it at the High macro security
level.

80
Test 3, question 4 Answer