Security
Topics
* Local Security * Physical Security * Firewall * Authentication * Encryption * Wireless Security * Viruses *

Physical Security video 5.01 * Lock and control access to serves * Lock server and computer cases * Use audible alarms * Create administrative alerts * Locate servers room in high traffic area * Store backup tapes in secure area * Lock users operating system * Physically destroy old hard drive

Authentication Policies * CMOS passwords * Username and password * Smart card and pin * Key fob * Biometric

CMOS passwords

Power-on Password * Supervisor’s password * User password * Full access * Liminted access * View only access * No access * Hard Drive Password * Protects data even if HD is stolen * Password required each time the system boots

Reset CMOS password * Acess CMOS settings * Reset jumper * Remove/replace CMOS battery

Create strong password * Six or more chraractors * Passphrase * Upper and lower case letters * Mix in numbers and symbols * Don’t use * Consecutive letters * Consecutive numbers * Consecutive keys

Kerberos * Authentication method used by windows to encrypt passwords * Passwords are case sensitive

This video shows the proper way to secure servers and how to train employees to lock computers. It also talks about the best ways to secure server rooms and how to properly dispose of old hard drives. The best to dispose old hard drive is to physically destroy them. Rewriting and deleting the information does not mean the information can no longer be accessed. The video also explains authentication policies. The video explains the different types of passwords that can be used, and for what access you give the user. The video show a person how reset a CMOS password. They also talk about how to set a strong password and training your employees.

Video 5.02 local security policy

* Password Policy * Account lockout policy * Audit policies

This video shows how to view local security policy. This show an administrator can set settings for user to set passwords. It shows the different settings a person can apply for setting passwords. It shows how to set minimum about of characters and the complexity. It explains the lockout policy and how to set the settings for number of attempts to enter correct password and how long a person will be locked put before he can try again. The video also talks about audit policies and how to view long on attempts.

Video 5.03 Encryption Encryption Keys
Traditional Encryption methods * Single Key

Modern Encryption Methods * Public key * To encrypty * Private key * To decrypt

Private key

Who may decrypt an encrypted file * Owner * User with the private key * Recovery agent

File properties * Advanced tab > Encrypt
Command line * C:\cipher /e [filename] *
This video talks about encryption, traditional encryption that was signal key and modern encryption. Public keys allow you to encrypt and private key allows you to decrypt. When data is encrypted the only people that can read the information are the owner, users with private key and a recovery agent. The way to encrypt files is opening file properties. The video showed how to encrypt folders and if a person want all folders or just the one folder.

Video 5.04 Sharing and permission

Permissions * Share permissions * NTFS permissions * Deny
Deny overrides al other permissions. * Inheritance
Inheritance means child objects inherit permissions of parent

In video5.04 is about file sharing. In the simple file sharing the option you have is share with all or none, also under simple file sharing there is no security tab. When the simple file sharing option is turned off the sharing options change, there are is also a security option and now you can set the number people you want to share with. The two types of permissions are share permissions and NTFS permissions. The share permission by default allow every to read. In the security tab you can allow which users and what permission you give them. Deny overrides all other permissions. Under the computer management folder you can also see which folders are being shared under shares. The video also shows how o disconnect all sessions. This video shows how to share documents and permissions options.

Video 5.05 Windows firewall

Firewall * Ports * IP addresses

Video 5.05 covers windows firewall. Windows firewall is available on XP only with SP2 or higher. The video shows you how to access firewall settings security alerts in the system tray or in the control panel also in the networks places under properties.

Video 5.06 Wireless Security

Wireless Security * Wireless devices communicate * Directly – ad hoc mode * Through an access point * Wireless access point (WAP) * Most networks use a wireless AP * Creates a hot spot * Security must be configured * SSID – service set identifier * Broadcasts presence of WAP * Disable SSID broadcasting to hide WAP * Filter MAC address * list accepted MAC addresses * all others will be blocked * SSID name and password * Default se by manufacturer * Manufacture’s name and password * Check manufacture’s web site * Reset SSID name and password * DHCP addresses * Disable automatic assignment * Assign static IP * Encryption * Very important feature * Three types * WEP (wired equivalent privacy) * WPA (Wi-Fi protected access) * WPA2 (Wi-Fi protected access 2) * WEP * 64 and 128 bit encryption * static encryption key * more susceptible to hacking * WPA * Requires username and password * Dynamic encryption key * More secure * WPA 2 * Latest version of encryption * 802.11i o AES protocol * Available with XP service pack 2 or later

Video 5.06 covers wireless security talks about device communication, wireless access points and security configuration. A way to secure your wireless is do disable SSID broadcasting by hiding the WAP. The video also talks about filter MAC addresses allowing only certain devices to connect. The video also explains the importance of resetting the SSID name and password. The factory setting will allow for anyone to find this information online. The video explains Encryption and the three types. WEP is the least secure of the three using a static encryption key. WPA is more secure requiring a username and password with Dynamic encryption making it more secure than WEP. WPA is the latest version using 802.11i or AS protocol and is available with XP service pack 2 or later. This video explained the importance of changing name password, filter MAC addresses and disable DHCp.

Video 5.07 Malware
Viruses a Worms
Worm – spreads throughout network without other programs – typically infects email.

Virus – replicates by attaching to other programs * Trojan horse – pretends to be legitimate program * A logic bomb – sits dormant in your system until activated – usually by a date code word * A Boot Sector Virus - infects MBR or boot sector or fixboot.

Social Engineering * Phishing * Tricks user into revealing information * XP with SP2 * Phishing filter * Pop-up blocker * Mange add-ons

Video 5.07 malware covers the different viruses and worms. The video shows how to show extensions for known files. By deselecting hide extension you will be able to see the complete file name. Video 5.07 talks about phishing and XP with SP2. The video also show how activate phishing filters and pop up blockers. The video also explains how to manage pop ups. It informs about Do’s and Don’ts.