Section 5.0 - Security


SubSection 5.2 Security Features

UPDATE: 2/27/12 - When creating your Wiki Pages, make sure to define any words that may be technical. For example, DDOS needs to be defined. Not every user will be able to know this from memory. At the very least, LINK it to another site that has the definition. Delete this after you read it.

Wireless Ecryption

  • WEPx

    • WEP stands for Wired Equivalent Privacy.
    • WEP is a security protocol that is built into the 802.11 standards for wireless connectivity. It governs how data can be encrypted while traveling across a wireless network.
    • For WEP to work, a key code between the Wireless Access Point (WAP) and the client has to be set up.
    • If a WEP is setup, the client trying to connect to the WAP must put in the key to access the Wi-Fi.
  • WPAx

    • WPA stands for Wi-fi Protected Access.
    • WPA is in all newly certified wireless equipment. It is replacing WEP and fixes most of its flaws.
    • WPA uses a shared key or Public Key Infastructure (PKI).
  • Client Configuration (SSID)

    • SSID stands for Service Set Identifier
    • The WLAN (wireless LAN) needs a network name, also known as the SSID.
    • The SSID is the name of the router or the WAP manufacturer by default. It can be changed during the WAP configuration
    • The SSID can be up to 32 characters long.









Malicious Software Protection

  • Viruses

    • Destructive or damaging software meant to disrupt the operation of a PC, destroy data, or even destroy hardware.
    • You can get a virus through E-mail attachments, digital media (floppy disks, CD-ROMS, USB), or webpage downloads.
  • Trojans

    • A Trojan Horse is a software that includes undisclosed functions.
      • For example, a game might log your keystrokes to capture passwords and sends it to the Trojan's author. They can then break into your computer.
    • You can get Trojan Horses through e-mail attachments or Web page downloads.
  • Worms

    • A program that spreads itself throughout the computer meant to disrupt the operation of a PC.
    • Worms can be used to create zombies, which are PCs that are infected and try to attack remote systems through distributing denial-of-service attacks (DDOS).
    • You can get a network through network ports, shared folders, e-mail attachments, and so forth.
  • Spam

    • Junk e-mail, officially known as unsolicited commercial e-mail (UCE).
    • Spam is just unwanted emails therefore you can only get it through e-mail.
  • Spyware

    • Software that monitors and gathers information without the user knowing.
    • You can get spyware through e-mail attachments, web page downloads, or the automatic ActiveX component when you visit a web page.
  • Adware

    • Software that displays advertisements, which might or might not be targeted to your interests.
    • You can get adware through e-mail attachments, web page downloads, or automatic ActiveX component when you visit a web page.
  • Grayware

    • A general name for software that has annoying, undisclosed, or undesirable behaviors. Trojan horses are a specific type of grayware.
    • You can get grayware through e-mail attachments or web page downloads.
  • Protecting yourself from Malicious Software

    • To protect your computers from malicious software, you should follow these guidelines:
      • Never open e-mail attachments, even from people you know, without scanning the attachment with an antivirus software first.
      • Don't click Web links in an e-mail. The link you see and the actual address behind the link could be different.
      • Make sure firewall is turned on within your computer to prevent access from outside your internal network. Firewalls block access to your computer from non-trusted sources.
      • Install antivirus software, which scans your computer to detect and remove viruses on your computers.







Bios Security

  • Drive Lock

    • If you are concerned about malicious software being introduced through a drive that accepts external disks, you can use BIOS to lock the drive or disable booting from that drive.
  • Passwords
    • Admin Password

      • Used to secure BIOS configuration settings. Without this password, the BIOS setting cannot be changed.
    • System Password

      • Used to prevent unauthorized users from booting the computer.
    • Password Changes

      • Used to prevent the system password from being changed without the correct administrative password.
  • Intrusion Detection

    • Many BIOS programs will alert you when an unsuccessful attempt is made to change the BIOS.
    • The next time the computer is booted, a warning will be displayed, as long as you are logged in as the administrative.
  • TPM

    • TPM stands for Trusted Platform Module.
    • BitLocker stores encryption keys on each computer's TPM chip.
    • The TPM chips also limits the amount of attempts a person has to access the BIOS.

Passwords

Your Password is your secret code to access your files.
  • Password Management

    • It's better to memorize instead of write down passwords; or use a program that saves and encrypts that information
    • Use different passwords for different locations
  • Password Complexity

    • You should try to complicate passwords but make sure you will be able to remember it.
      • Using numbers as well as uppercase and lowercase letters and symbols strengthen passwords
        • Ex. 182286Jj!
      • Never share your passwords with anyone!

Locking Workstations

  • Hardware

    • By restricting physical access to your computer, you can eliminate a very large potential for a security breach.
    • Some restrictions you may consider are:
      • Lock server rooms with a key or key card lock. Use seperate rooms for low-security computers and high-security computers.
      • Lock PC cases to limit access to the systems to those who have keys.
      • Install a physical locking system so your computer can not be used from the desk.(Shown in picture below)
      • Use cameras or motion-sensor alarms to monitor spaces during non-business hours.
      • Station guards near ultra sensitive systems.


22370710i_01.jpg

http://www.officemax.com/catalog/images/397x353/22370710i_01.jpg


  • Operating System

    • Firewall
      • Make sure firewall is turned on, on the computer.
        • A firewall is software or hardware used to control information that's sent and received from outside the network.
        • Firewalls can filter data packets.
        • Firewalls can filter ports so that outside clients can't communicate with inside services listening to these ports.
        • Firewalls can filter applications, such as FTP, so that users inside the firewall can't use this service over the internet.
        • Some firewalls can filter information, such as inappropriate Web content for children or employees.
firewall.jpg
anonymous-proxy-server-network.jpg
300px-Windows_Security_Center_XP_SP2.png

http://upload.wikimedia.org/wikipedia/en/thumb/f/f3/Windows_Security_Center_XP_SP2.png/300px-Windows_Security_Center_XP_SP2.png



Biometrics

A Biometric device authenticates/identifies a user through examination of biological trait, such as fingerprint or retinal vein pattern.
  • Fingerprint scanner

    • Fingerprint scanners are the most common biometric device.
    • To use these devices you place a finger over a sensor window scanner. It scans your fingerprint and compares it to a database of user names and passwords. If the match is found you are logged onto the computer.

fingerprint-scan.jpg

http://fingerprint-security.net/2011/07/05/fingerprint-scan-9/

"Created By: Krystal"