Security - PowerPoint PPT Presentation

1 / 58

About This Presentation

Title:

Security

Description:

Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human aspects of security – PowerPoint PPT presentation

Number of Views:97

Avg rating:3.0/5.0

Slides: 59

Provided by: TimPo91

Category:

more less

Transcript and Presenter's Notes

Title: Security

1
Security

Unit objectives
Configure operating system and file system
security
Install a fingerprint scanner and card reader
Manage the human aspects of security

2
Topic A

Topic A Operating system security
Topic B Security hardware
Topic C The human aspects of security

3
User accounts

Object that represents a user of the computer
Name, password, group membership
User
Administrator
Guest

4
Groups

Management tool for applying security settings to
multiple users
Users
Administrators
Power Users

5
Active Directory

Management framework
Centralized database of security data
Domains
Forests
Organizational units

6
Activity A-1
Securing access to the operating system
7
File system security

Logical organization scheme for files
Windows supports
File Allocation Table (FAT)
FAT32
NTFS
Only NTFS supports security

8
NTFS advantages

Larger disks
Security
Compression and encryption
Disk quotas
Recovery logging

9
Activity A-2
Choosing the correct file system for security
10
NTFS security

Security tab in Properties dialog box
Permissions are cumulative
Explicit permissions override inherited
permissions
Permissions are inherited unless blocked
Set permissions on folders and files

11
NTFS permissions

Full control
Modify
Read and Execute
List Folder Contents
Read
Write
Special Permissions

12
Enabling the Security tab

Open Windows Explorer
Choose Tools, Folder Options
Activate the View tab
Clear the checkbox beside Use simple file sharing
Click OK

13
Activity A-3
Configuring file access restrictions
14
Encryption

Scrambling of data
Public key cryptography
Pairs of keys
Whichever encrypts, the pair decrypts
Encrypting file system (EFS)

15
Activity A-4
Encrypting files
16
Authentication mechanisms

Biometric devices
Smart cards
Fobs
Digital certificates

17
Authentication

Identity validated
Workgroup vs. domain
Local computer vs. domain
Network authentication

18
Protocols

Kerberos v5
Supported by Windows 2000, Windows XP, and
Windows Server 2003
NTLM
Supported by Windows NT, Windows 9x

19
Activity A-5
Understanding authentication technologies
20
Security policies

Password Policy
Account Lockout Policy
Audit Policy
User Rights Assignments
Security Options
Encrypting File System
Software Restriction Policies
IP Security Policies

21
Activity A-6
Using local security policies to set password
restrictions
22
Topic B

Topic A Operating system security
Topic B Security hardware
Topic C The human aspects of security

23
A fingerprint scanner
24
Activity B-1
Installing a fingerprint reader
25
Smart card and reader
26
Installing IdentiPHI Basic

Install the card reader and its drivers
Install the IdentiPHI Basic software
Configure IdentiPHI Basic to accept smart cards
Enroll a smart card and set a secure PIN for that
card

27
Activity B-2
Installing a card reader
28
Activity B-3
Installing the IdentiPHI Basic software
29
Activity B-4
Configuring IdentiPHI Basic to accept smart cards
30
Activity B-5
Enrolling a smart card with IdentiPHI
31
Activity B-6
Using a smart card
32
Activity B-7
Uninstalling the smart card reader and software
33
Fobs

Keychain sized devices
Creates a rolling code
Might need username and password, in addition to
fob number
Rolling code not random

34
Topic C

Topic A Operating system security
Topic B Security hardware
Topic C The human aspects of security

35
Alleviate security weaknesses

Restrict physical access to sensitive systems and
data
Create an automated backup schedule
Manage data destruction
Create a corporate security policy
Manage social engineering attacks

36
Physical access restrictions

Lock server rooms
Lock PC cases and peripherals
Use cameras or motion-sensor alarms
Station guards in ultra-sensitive areas

37
Activity C-1
Implementing physical access restrictions
38
Backup

Use to create copies of your files
Recover files after system failure
Back up any critical data before you begin
troubleshooting
Windows Backup is a GUI utility
Archive selected files and folders
Restore archived files and folders
Make copy of computers system state
Copy your computers system partition, boot
partition, and files needed to start up the
system

39
Backup utility in Windows XP
40
Backup modes

Wizard mode walk you step-by-step through the
process
Advanced mode provides complete control over
file and folder selection

41
Backup utility in Advanced Mode
42
Backup types

Copy
Daily
Differential
Incremental
Normal

43
Activity C-2
Backing up files using Wizard mode
44
Activity C-3
Restoring information from a backup
45
Scheduling backups

Daily
Weekly
Monthly
At predefined times
On predefined days

continued
46
Scheduling backups, continued
47
Activity C-4
Scheduling a backup
48
Data destruction and migration

Destruction utilities
Removable media and drives
Paper records
Data migration

49
Activity C-5
Examining data destruction techniques
50
Corporate security policies

Contract between company and employees
Heightens awareness
Demonstrates commitment
Spells out permitted and prohibited uses of
company resources, plus repercussions
Intrusion handling plans
Regularly review and update

51
Activity C-6
Considering corporate security policies
52
Social engineering attacks