IT ESSENTIALS V. 4.1
Explain why security is important
Who is affected by a lapse in security?
How can a network or computer be
Theft, loss, network intrusion, physical
What are the primary responsibilities of a
Data and network security
Worksheet: Security Attacks
9.2 Describe Security Attacks
What is a physical threat?
Events or attacks that steal, damage or
What is a data threat?
Events or attacks
that remove, corrupt, deny
access, allow access or steal information
What is an internal threat?
What is a malicious threat?
When an employee intends to do damage
What is an external threat?
Users outside an organization that do not
have authorized access to the network or
What is an unstructured threat?
Attackers use available resources to give
access and run programs designed to
What is a structured threat?
Attackers use code to access operating
systems and software
9.2.1 Define viruses, worms and Trojans
What is a virus?
A program written with malicious intent and
sent out by attackers
How are viruses transferred?
Through email, file transfers and instant
What is the most damaging type of virus?
One used to record keystrokes
What is a stealth virus?
One that lies dormant until summoned by
What is a worm?
replicating program that duplicates its
code to the hosts on a network
Why is a worm harmful?
It consumes bandwidth
What is a Trojan?
A worm hidden in software that appears to
do one thing yet behind the scenes does
What is anti
Software designed specifically to detect,
disable, and remove viruses, worms, and
Trojans before they infect a computer
How can the technician keep the anti
software up to date?
Apply most recent updates, patches, and
virus definitions as part of a regular
Worksheet: Third party Anti
plain web security
Why is web security important?
Because so many people visit the World
Wide Web every day
What is ActiveX?
Technology created by Microsoft to control
interactivity on web pages
What is Java?
Programming language that allows
to run within a web browser
Rotating banner or a pop
9.2.3 Define adware, spyware and grayware
What is adware?
Software program that displays advertising
on your computer
What is grayware?
A file or program other than a virus that is
What is phishing?
Social engineering where attackers try to
persuade the reader to unknowingly provide
attackers with access to personal
What is spyware?
ty on the computer and
sends this information to the organization
responsible for launching the spyware
Activity: Adware, Spyware, Phishing
9.2.4 Explain Denial of Service
What is denial of service?
A form of attack that prevents users from
g normal services because the
system is busy responding to abnormally
large amounts of requests
What are two common DoS attacks?
Ping of death; email bomb
What is a zombie?
An infected computer located at different
geographical locations used to
of service attacks
9.2.5 Describe spam and popup windows
What is spam?
Junk mail, unsolicited email
What are common indicators of spam?
No subject line, incomplete return address,
return email not sent by user, computer
9.2.6 Explain social engineering
What is a social engineer?
A person who is able to gain access by
tricking people into providing the necessary
How can you protect against social
Never give out your password
Restrict access of unexpected visitors
Escort all visitors
Lock your computer when you leave your
Do not let anyone follow you through a door
that requires an access card
9.2.7 Explain TCP/IP attacks
What is a SYN flood?
Randomly opens TCP ports, tying up
network equipment with a large amount of
false requests, causing sessions to be denied
What is spoofing?
Gains access to resources on devices by
pretending to be a trusted computer
What is a man
Intercepts or inserts false information in
traffic between two hosts
What is a Replay attack?
Uses network sniffers to extract usernames
and passwords to be used at a later date to
What is DNS poisoning?
Changes DNS records on a system
to false servers where data is recorded
9.2.8 Explain data wiping, hard drive destruction and recycling
What is hardware destruction?
The process of removing sensitive data from
hardware and software before recycling or
are the three methods commonly
used to destroy or recycle data and hard
Data wiping, hard drive destruction, and
hard drive recycling
What is data wiping?
Secure erase; a procedure to permanently
delete data from a hard drive
How can you fully ensure that data cannot
be recovered from a hard drive?
Shatter the platters with a hammer and
safely dispose of the pieces
9.3 Identify Security Procedures
How often should security plans be
9.3.1 Explain what is required in a basic local security policy
What questions should be covered in a
basic security policy?
What assets require protection
What are the possible threats
What do we do in the event of a
Who is responsible for security
What are the recommended password
Includes uppercase and lowercase letters
combined with numbers and symbols
9.3.2 Explain the tasks required to protect physical equipment
What is the Trusted Platform Module
ialized chip installed on the
motherboard of a computer to be used for
hardware and software authentication
How can you protect the access to your
Card keys, biometric sensors, posted
security guard, sensors (RFID) to monitor
3 Describe ways to protect data
What are the two levels of password
protection that are recommended?
What password will prevent the operating
system from booting?
What is a lockout rule?
When unsuccessful attempts have been
made to access the system; user can no
longer access the system
What is a VPN connection?
Allows remote users to safely access
resources as if their computer is physically
attached to the local network
How does a VPN protect data?
What is traffic?
Data being transported on a network
What is a software firewall?
A program that runs on a computer to allow
or deny traffic between the computer and
network to which it is connected
When should backups be made?
Weekly or monthly
Where should backups be stored?
Approved offsite storage location
What is a smart card?
A small plastic card with a small chip
embedded in it
What is biometric security?
Compares physical characteristics against
stored profiles to authentic
What is a profile?
A data file containing known characteristics
of an individual
Which file system offers journaling and
What utility do you run to convert from
FAT32 to NTFS?
wireless security techniques
What are the basic security settings that
should be configured on a wireless router
or access point?
SSID; MAC address filtering
What is the SSID (service set identifier)?
The name of the wireless network
the first generation security for
WEP (Wired Equivalent Privacy)
Which wireless encryption supports robust
encryption provides government grade
Which wireless security protocol was
created by Cisco?
LEAP (Lightweight Ext
What is WTLS (Wireless Transport Layer
A security layer used in mobile devices that
Packet Tracer Activity
9.4 Identify common preventive maintenance techniques for security
9.4.1 Explain how to upgrade signature files for anti-virus and anti
What are the steps to update a signature
Set Windows restore point
Locate update control button and
After program is updated, use
Check report for viruses
Set up program to automatically
What do virus, spyware, and adware
detection programs look for?
Patterns in programming code
What are the code patterns called?
In order to ensure that the update is
authentic and not corrupt, where should
you retrieve the signature files from:
What are mirrors?
Download sites set up by manufacturers to
avoid creating too much traffic at a single
9.4.2 Explain how to install operating system service packs and security patches
Where do you get the tools necessary to
remove viruses and repair the computer
code that has been modified?
Software security company
What are patches?
dates that manufacturers provide to
prevent newly discovered viruses or worms
from making a successful attack
What is a service pack?
Patches and upgrades combined
Worksheet: OS Updates
9.5 Troubleshoot Security
What are the steps in the troubl
Identify the problem
Establish a theory of probable cause
Determine the exact cause
Implement a solution
Verify solution and full system
9.5.1 Review the troubleshooting process
9.5.2 Identify common problems and solutions
What can you do if a user is receiving
hundreds or thousands of junk emails each
Filter mail on the server
What can you do if an unauthorized access
point is discovered on the network?
Disconnect and confiscate the unauthor
How can you stop users with flash drives
from infecting computers on the network?
Prevent the use of removable media on the
Worksheet: Gather Information from the Customer