

23 Feb 2014


IT ESSENTIALS V. 4.1

Module 9

Fundamental Security


9.1 Explain why security is important

1.

Who is affected by a lapse in security?

Everyone

2.

How can a network or computer be
harmed?

Theft, loss, network intrusion, physical
damage

3.

What are the primary responsibilities of a
technician?

Data and network security

Worksheet: Security Attacks

9.2 Describe Security Attacks

4.

What is a physical threat?

Events or attacks that steal, damage or
destroy equipment

5.

What is a data threat?

Events or attacks
that remove, corrupt, deny
access, allow access or steal information

6.

What is an internal threat?

An employee

7.

What is a malicious threat?

When an employee intends to do damage

8.

What is an external threat?

Users outside an organization that do not
have authorized access to the network or
resources

9.

What is an unstructured threat?

Attackers use available resources to gain
access and run programs designed to
vandalize

10.

What is a structured threat?

Attackers use code to access operating
systems and software

9.2.1 Define viruses, worms and Trojans

11.

What is a virus?

A program written with malicious intent and
sent out by attackers

12.

How are viruses transferred?

Through email, file transfers and instant
messaging

13.

What is the most damaging type of virus?

One used to record keystrokes

14.

What is a stealth virus?

One that lies dormant until summoned by
the attacker

15.

What is a worm?

Self-replicating program that duplicates its
code to the hosts on a network

16.

Why is a worm harmful?

It consumes bandwidth

17.

What is a Trojan?

A worm hidden in software that appears to
do one thing yet behind the scenes does
another

18.

What is anti-virus software?

Software designed specifically to detect,
disable, and remove viruses, worms, and
Trojans before they infect a computer

19.

How can the technician keep the anti-virus
software up to date?

Apply most recent updates, patches, and
virus definitions as part of a regular
maintenance schedule

Worksheet: Third party Anti-Virus Software

9.2.2 Explain web security

20.

Why is web security important?

Because so many people visit the World
Wide Web every day

21.

What is ActiveX?

Technology created by Microsoft to control
interactivity on web pages

22.

What is Java?

Programming language that allows applets
to run within a web browser

23.

What are examples of JavaScript?

Rotating banner or a pop-up window

9.2.3 Define adware, spyware and grayware

24.

What is adware?

Software program that displays advertising
on your computer

25.

What is grayware?

A file or program other than a virus that is
potentially harmful

26.

What is phishing?

Social engineering where attackers try to
persuade the reader to unknowingly provide
attackers with access to personal
information

27.

What is spyware?

Monitors activity on the computer and
sends this information to the organization
responsible for launching the spyware

Activity: Adware, Spyware, Phishing

9.2.4 Explain Denial of Service

28.

What is denial of service?

A form of attack that prevents users from
accessing normal services because the
system is busy responding to abnormally
large amounts of requests

29.

What are two common DoS attacks?

Ping of death; email bomb

30.

What is a zombie?

An infected computer located at different
geographical locations used to launch denial
of service attacks

9.2.5 Describe spam and popup windows

31.

What is spam?

Junk mail, unsolicited email

32.

What are common indicators of spam?

No subject line, incomplete return address,
return email not sent by user, computer
generated
email

9.2.6 Explain social engineering

33.

What is a social engineer?

A person who is able to gain access by
tricking people into providing the necessary
information

34.

How can you protect against social
engineers?

Never give out your password

Always ask for ID

Restrict access of unexpected visitors

Escort all visitors

Lock your computer when you leave your
desk

Do not let anyone follow you through a door
that requires an access card

9.2.7 Explain TCP/IP attacks

35.

What is a SYN flood?

Randomly opens TCP ports, tying up
network equipment with a large amount of
false requests, causing sessions to be denied
to others

36.

What is spoofing?

Gains access to resources on devices by
pretending to be a trusted computer

37.

What is a man-in-the-middle attack?

Intercepts or inserts false information in
traffic between two hosts

38.

What is a Replay attack?

Uses network sniffers to extract usernames
and passwords to be used at a later date to
gain access

39.

What is DNS poisoning?

Changes DNS records on a system to point
to false servers where data is recorded

9.2.8 Explain data wiping, hard drive destruction and recycling

40.

What is hardware destruction?

The process of removing sensitive data from
hardware and software before recycling or
discarding

41.

What are the three methods commonly
used to destroy or recycle data and hard
drives?

Data wiping, hard drive destruction, and
hard drive recycling

42.

What is data wiping?

Secure erase; a procedure to permanently
delete data from a hard drive

43.

How can you fully ensure that data cannot
be recovered from a hard drive?

Shatter the platters with a hammer and
safely dispose of the pieces

9.3 Identify Security Procedures

44.

How often should security plans be
reviewed?

Yearly

9.3.1 Explain what is required in a basic local security policy

45.

What questions should be covered in a
basic security policy?

1.

What assets require protection

2.

What are the possible threats

3.

What do we do in the event of a
security breach

46.

Who is responsible for security?

Everyone

47.

What are the recommended password
guidelines?

Minimum length

Includes uppercase and lowercase letters
combined with numbers and symbols

9.3.2 Explain the tasks required to protect physical equipment

48.

What is the Trusted Platform Module
(TPM)?

A specialized chip installed on the
motherboard of a computer to be used for
hardware and software authentication

49.

How can you protect the access to your
facility?

Card keys, biometric sensors, posted
security guard, sensors (RFID) to monitor
equipment

9.3.3 Describe ways to protect data

50.

What are the two levels of password
protection that are recommended?

BIOS, login

51.

What password will prevent the operating
system from booting?

BIOS

52.

What is a lockout rule?

When unsuccessful attempts have been
made to access the system; user can no
longer access the system

53.

What is a VPN connection?

Allows remote users to safely access
resources as if their computer is physically
attached to the local network

54.

How does a VPN protect data?

Encryption

55.

What is traffic?

Data being transported on a network

56.

What is a software firewall?

A program that runs on a computer to allow
or deny traffic between the computer and
network to which it is connected

57.

When should backups be made?

Weekly or monthly

58.

Where should backups be stored?

Approved offsite storage location

59.

What is a smart card?

A small plastic card with a small chip
embedded in it

60.

What is biometric security?

Compares physical characteristics against
stored profiles to authenticate people

61.

What is a profile?

A data file containing known characteristics
of an individual

62.

Which file system offers journaling and
encryption capabilities?

NTFS

63.

What utility do you run to convert from
FAT32 to NTFS?

Convert

9.3.4 Describe wireless security techniques

64.

What are the basic security settings that
should be configured on a wireless router
or access point?

SSID; MAC address filtering

65.

What is the SSID (service set identifier)?

The name of the wireless network

66.

What is the first generation security for
wireless?

WEP (Wired Equivalent Privacy)

67.

Which wireless encryption supports robust
encryption and provides government-grade
security?

WPA2

68.

Which wireless security protocol was
created by Cisco?

LEAP (Lightweight Extensible Authentication
Protocol)

69.

What is WTLS (Wireless Transport Layer
Security)?

A security layer used in mobile devices that
employ WPA

Packet Tracer Activity

9.4 Identify common preventive maintenance techniques for security

9.4.1 Explain how to upgrade signature files for anti-virus and anti-spyware software

70.

What are the steps to update a signature
file?

1.

Set Windows restore point

2.

Open anti-virus/anti-spyware
program

3.

Locate update control button and
select it

4.

After program is updated, use it to
scan computer

5.

Check report for viruses

6.

Set up program to automatically
update

71.

What do virus, spyware, and adware
detection programs look for?

Patterns in programming code

72.

What are the code patterns called?

Signatures

73.

In order to ensure that the update is
authentic and not corrupt, where should
you retrieve the signature files from?

Manufacturer’s website

74.

What are mirrors?

Download sites set up by manufacturers to
avoid creating too much traffic at a single
website.

9.4.2 Explain how to install operating system service packs and security patches

75.

Where do you get the tools necessary to
remove viruses and repair the computer
code that has been modified?

Manufacturer’s website

Software security company

76.

What are patches?

Code updates that manufacturers provide to
prevent newly discovered viruses or worms
from making a successful attack

77.

What is a service pack?

Patches and upgrades combined

Worksheet: OS Updates

9.5 Troubleshoot Security

78.

What are the steps in the troubleshooting
process?

1.

Identify the problem

2.

Establish a theory of probable cause

3.

Determine the exact cause

4.

Implement a solution

5.

Verify solution and full system
functionality

6.

Document findings

9.5.1 Review the troubleshooting process

9.5.2 Identify common problems and solutions

79.

What can you do if a user is receiving
hundreds or thousands of junk emails each
day?

Filter mail on the server

80.

What can you do if an unauthorized access
point is discovered on the network?

Disconnect and confiscate the unauthorized
device

81.

How can you stop users with flash drives
from infecting computers on the network?

Prevent the use of removable media on the
network

Worksheet: Gather Information from the Customer