Security - PowerPoint PPT Presentation

1 / 58
About This Presentation
Title:

Security

Description:

Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human aspects of security – PowerPoint PPT presentation

Number of Views:98
Avg rating:3.0/5.0
Slides: 59
Provided by: TimPo91
Category:

less

Transcript and Presenter's Notes

Title: Security


1
Security
  • Unit objectives
  • Configure operating system and file system
    security
  • Install a fingerprint scanner and card reader
  • Manage the human aspects of security

2
Topic A
  • Topic A Operating system security
  • Topic B Security hardware
  • Topic C The human aspects of security

3
User accounts
  • Object that represents a user of the computer
  • Name, password, group membership
  • User
  • Administrator
  • Guest

4
Groups
  • Management tool for applying security settings to
    multiple users
  • Users
  • Administrators
  • Power Users

5
Active Directory
  • Management framework
  • Centralized database of security data
  • Domains
  • Forests
  • Organizational units

6
Activity A-1
Securing access to the operating system
7
File system security
  • Logical organization scheme for files
  • Windows supports
  • File Allocation Table (FAT)
  • FAT32
  • NTFS
  • Only NTFS supports security

8
NTFS advantages
  • Larger disks
  • Security
  • Compression and encryption
  • Disk quotas
  • Recovery logging

9
Activity A-2
Choosing the correct file system for security
10
NTFS security
  • Security tab in Properties dialog box
  • Permissions are cumulative
  • Explicit permissions override inherited
    permissions
  • Permissions are inherited unless blocked
  • Set permissions on folders and files

11
NTFS permissions
  • Full control
  • Modify
  • Read and Execute
  • List Folder Contents
  • Read
  • Write
  • Special Permissions

12
Enabling the Security tab
  1. Open Windows Explorer
  2. Choose Tools, Folder Options
  3. Activate the View tab
  4. Clear the checkbox beside Use simple file sharing
  5. Click OK

13
Activity A-3
Configuring file access restrictions
14
Encryption
  • Scrambling of data
  • Public key cryptography
  • Pairs of keys
  • Whichever encrypts, the pair decrypts
  • Encrypting file system (EFS)

15
Activity A-4
Encrypting files
16
Authentication mechanisms
  • Biometric devices
  • Smart cards
  • Fobs
  • Digital certificates

17
Authentication
  • Identity validated
  • Workgroup vs. domain
  • Local computer vs. domain
  • Network authentication

18
Protocols
  • Kerberos v5
  • Supported by Windows 2000, Windows XP, and
    Windows Server 2003
  • NTLM
  • Supported by Windows NT, Windows 9x

19
Activity A-5
Understanding authentication technologies
20
Security policies
  • Password Policy
  • Account Lockout Policy
  • Audit Policy
  • User Rights Assignments
  • Security Options
  • Encrypting File System
  • Software Restriction Policies
  • IP Security Policies

21
Activity A-6
Using local security policies to set password
restrictions
22
Topic B
  • Topic A Operating system security
  • Topic B Security hardware
  • Topic C The human aspects of security

23
A fingerprint scanner
24
Activity B-1
Installing a fingerprint reader
25
Smart card and reader
26
Installing IdentiPHI Basic
  1. Install the card reader and its drivers
  2. Install the IdentiPHI Basic software
  3. Configure IdentiPHI Basic to accept smart cards
  4. Enroll a smart card and set a secure PIN for that
    card

27
Activity B-2
Installing a card reader
28
Activity B-3
Installing the IdentiPHI Basic software
29
Activity B-4
Configuring IdentiPHI Basic to accept smart cards
30
Activity B-5
Enrolling a smart card with IdentiPHI
31
Activity B-6
Using a smart card
32
Activity B-7
Uninstalling the smart card reader and software
33
Fobs
  • Keychain sized devices
  • Creates a rolling code
  • Might need username and password, in addition to
    fob number
  • Rolling code not random

34
Topic C
  • Topic A Operating system security
  • Topic B Security hardware
  • Topic C The human aspects of security

35
Alleviate security weaknesses
  • Restrict physical access to sensitive systems and
    data
  • Create an automated backup schedule
  • Manage data destruction
  • Create a corporate security policy
  • Manage social engineering attacks

36
Physical access restrictions
  • Lock server rooms
  • Lock PC cases and peripherals
  • Use cameras or motion-sensor alarms
  • Station guards in ultra-sensitive areas

37
Activity C-1
Implementing physical access restrictions
38
Backup
  • Use to create copies of your files
  • Recover files after system failure
  • Back up any critical data before you begin
    troubleshooting
  • Windows Backup is a GUI utility
  • Archive selected files and folders
  • Restore archived files and folders
  • Make copy of computers system state
  • Copy your computers system partition, boot
    partition, and files needed to start up the
    system

39
Backup utility in Windows XP
40
Backup modes
  • Wizard mode walk you step-by-step through the
    process
  • Advanced mode provides complete control over
    file and folder selection

41
Backup utility in Advanced Mode
42
Backup types
  • Copy
  • Daily
  • Differential
  • Incremental
  • Normal

43
Activity C-2
Backing up files using Wizard mode
44
Activity C-3
Restoring information from a backup
45
Scheduling backups
  • Daily
  • Weekly
  • Monthly
  • At predefined times
  • On predefined days

continued
46
Scheduling backups, continued
47
Activity C-4
Scheduling a backup
48
Data destruction and migration
  • Destruction utilities
  • Removable media and drives
  • Paper records
  • Data migration

49
Activity C-5
Examining data destruction techniques
50
Corporate security policies
  • Contract between company and employees
  • Heightens awareness
  • Demonstrates commitment
  • Spells out permitted and prohibited uses of
    company resources, plus repercussions
  • Intrusion handling plans
  • Regularly review and update

51
Activity C-6
Considering corporate security policies
52
Social engineering attacks
  • Social engineering includes
  • Tricking users into divulging sensitive
    information
  • Phishing
  • Dumpster diving
  • Shoulder surfing
  • Trojan horse attachments
  • Sneaking into secure areas through deception
  • Training and awareness are best defenses

53
Malicious software
  • Virus
  • Worm
  • Trojan horse
  • Spam
  • Spyware
  • Adware
  • Grayware

54
Prevention
  • Training
  • Corporate security policy
  • Antivirus software

55
Activity C-7
Managing social engineering attacks
56
Network security
  • Firewalls
  • Password management
  • Account management
  • Incidence reporting

57
Activity C-8
Examining network security
58
Unit summary
  • Configured operating system and file system
    security
  • Installed a fingerprint scanner and card reader
  • Managed the human aspects of security
Write a Comment
User Comments (0)
About PowerShow.com