Module 5 security
Operating System Reference Guide
Module 5- Security
Introduction
Data Security is the process of ensuring that data is safe and is free from corruption.
Ideally, three common methods are used to protect data (accounts, groups and permissions):
◊ Physical security of data
◊ Providing permissions to groups
◊ Permissions that define the data
Lesson 1 - Understanding Networking in Windows
Topics covered are
◊ Data security
◊ Authentication technologies
◊ PC security
◊ Wireless security
◊ Other security issues
Topic 1 – Data Security
Accounts, Groups and permissions
◊ Data security ensures that data is safe from corruption and access to that data is under control.
◊ It is not enough to have a good firewall; data security should also ensure privacy, which helps in protecting personal data.
◊ Having a firewall will protect the system from other systems accessing it
Accounts
◊ We need a valid account to access a Windows 2000/XP system. If the account is not valid, the user cannot use the system.
Groups
◊ A group defines a collection of accounts that share the same access possibilities
◊ Creating a group makes the job easy
◊ The user can assign a particular level of access for a file to a group
◊ Otherwise the users need to give permission to individual users separately
Permissions
◊ A permission defines what a particular account can or cannot do to a file
◊ For example: you can let a person edit a file but not delete it
◊ You can let a person create a folder and not permit other people to make subfolders
Local security policy
◊ A local user or group is an account that can be granted permissions and rights from your computer
◊ Local Users and Groups is an important security feature because you can limit the ability of users and groups to perform certain actions by assigning them rights and permissions.
◊ A security policy is a combination of security settings that affect the security on a computer
◊ By using a security policy you can control unauthorized access to the computer, the use of the resources shared on the computer, and the recording of group and non-group actions in the event log.
Encryption
◊ In cryptography, encryption is a process that makes a document unreadable without the proper knowledge or key to read it
◊ It is at times referred to as scrambling
◊ Microsoft calls the encryption utility in NTFS EFS, that is, the Encrypting File System
Data remnant removal
◊ Removing all usable data from media, typically a hard drive or any other media, is called Data Remnant Removal.
◊ Data can be on any magnetic or optical device
◊ As data or hardware ages, we can bring in policies to remove the data from the present storage and move it on to new media
◊ Another way is to physically write down the information about the media and its contents
◊ This process of removing the user data is known as Data Remnant Removal
► Audit and event logging
Audit is the process that tracks the activities of users by recording selected types of events in the security log of a server or a workstation
Before auditing is implemented the auditing policy must be selected
An auditing policy specifies categories of security-related events that you want to audit
Password Management
◊ A password is used to control access to a resource. The password should be kept secret from those not allowed access
◊ Passwords are used in many fields: to protect computer operating systems, mobile phones, cable TV decoders and automated teller machines (ATMs)
Protecting the password
◊ Create a password, which is easy to remember but hard to guess by others.
◊ The account lockout policy can be enabled to lock the computer when an incorrect password is typed 3 times
◊ Include punctuation marks or symbols.
◊ Do not use blank space.
◊ Change password once every 6 months.
◊ Use upper and lower case characters.
◊ Do not write down the password.
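The checkable rules from this list, modelled in Python as an added example (not part of the original guide). The function and class names are hypothetical, and "6 months" is assumed to mean 182 days. It also shows the lockout edge case: once an account is locked, even a correct password is refused.

```python
import string
from dataclasses import dataclass
from datetime import date, timedelta

# Values taken from the list above; 182 days is an assumed reading of "6 months".
MAX_PASSWORD_AGE = timedelta(days=182)
LOCKOUT_THRESHOLD = 3  # incorrect attempts before the account locks


def password_rule_violations(password):
    """Return the rules from the list that the password breaks (empty = passes)."""
    problems = []
    if not any(c in string.punctuation for c in password):
        problems.append("no punctuation mark or symbol")
    if any(c.isspace() for c in password):
        problems.append("contains blank space")
    if not any(c.isupper() for c in password):
        problems.append("no upper case character")
    if not any(c.islower() for c in password):
        problems.append("no lower case character")
    return problems


def password_expired(last_changed, today):
    """True when the password is older than the 6-month change interval."""
    return today - last_changed > MAX_PASSWORD_AGE


@dataclass
class Account:
    """Minimal model of an account under a 3-attempt lockout policy."""
    name: str
    failed_attempts: int = 0
    locked: bool = False

    def record_logon(self, success):
        """Record one logon attempt and return 'ok', 'denied' or 'locked'."""
        if self.locked:
            # A locked account stays locked until an administrator resets it,
            # so a correct password no longer helps whoever is guessing.
            return "locked"
        if success:
            self.failed_attempts = 0  # a good logon clears the counter
            return "ok"
        self.failed_attempts += 1
        if self.failed_attempts >= LOCKOUT_THRESHOLD:
            self.locked = True
            return "locked"
        return "denied"


if __name__ == "__main__":
    # Constructed sample passwords and dates, for illustration only.
    for candidate in ("Blue-Heron7", "blue heron"):
        print(candidate, "->", password_rule_violations(candidate) or "passes")
    print("expired:", password_expired(date(2024, 1, 1), date(2024, 8, 1)))
    acct = Account("alice")
    print([acct.record_logon(ok) for ok in (False, False, False, True)])
```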
Topic 2 – Authentication Technologies
► Smart Card
Unlike magnetic stripe cards, smart cards can carry all essential functions and information
A smart card resembles a credit card in shape and size
The small microprocessor embedded inside is used for security
When this smart card is interfaced with the computer using a card reader, the computer reads the information
► Smart Card Readers and Terminals
Smart Card Reader is a unit that interfaces with a PC.
Terminal is a self-contained processing device
Smart card reader can be connected through RS232 serial ports, USB ports, PCMCIA etc
► Types of smart cards
There are three types of smart cards available. They are
◊ Integrated Circuit Microprocessor Card
◊ Integrated Circuit Memory Cards
◊ Optical Memory Cards
► Biometric Devices
Biometric devices can be used as input to a computer.
A biometric device like a fingerprint scanner can be used for additional level of security
Biometric devices can also be programmed to verify a person’s identity based on the facial features, voice or even handwriting
Some of the biometric devices are
◊ Finger prints
◊ Face Recognition
◊ Speaker Recognition
◊ Iris Recognition
Key Fobs
► A key fob is a small hardware device with built-in authentication mechanisms
► Electronic key fobs are used for remote keyless entry systems on motor vehicles
► People started using key fobs in apartment buildings to access common areas, and they are used with automatic sliding doors
Topic 3 - Overview of various command line tools for networking
► NSlookup
1. The NSlookup utility can be used to identify the origin of a host name resolution error.
2. When the host name resolution is successful, NSlookup utility displays the hostname and the IP address of the DNS server that is configured on the local computer
Topic 4 - Overview of Resource Sharing
► When a large number of computers are connected in a network the resources are shared between the users.
► Folder Sharing
To access a folder present on your computer from a remote location you need to share the folder.
User must set permissions on the shared folders to control the level of access that other people have to the files and the folders
To share a folder user must right click on the folder and click properties
Topic 3 – PC Security
Computer Virus
Computer Malware is a term given to all forms of Computer Software designed specifically to damage or disrupt a computer system
► The different kinds of computer Malware are
◊ Computer Virus
◊ Trojan Horse
◊ Worm
◊ Virus Hoax
Computer virus
A virus must
◊ Be able to execute itself
◊ Be able to replicate itself
The different kinds of virus are
1. File Infectors
2. Boot Sector Infectors
3. Master Boot Record Infectors
4. Multi-Partite viruses
5. Macro viruses
Trojan Horse
Trojan Horses are impostors. They are executable files that claim to be something desirable but, in fact, are malicious. They do not replicate.
► Worm
A worm is a program that can replicate itself from system to system without the use of a host file.
Worms generally exist inside another host file. The entire file will travel from computer to computer, so the entire file should be considered the worm.
A virus hoax is a message, almost always sent by email, that amounts to little more than a chain letter.
Some of the common phrases used in these virus hoaxes are
◊ If you receive an email titled [email virus hoax name here], do not open it!
◊ Delete it immediately!
◊ It contains the [hoax name] virus
◊ It will delete everything on your hard drive and [extreme and improbable danger specified here]
◊ This virus was announced today by [reputable organization name here]
◊ Forward this warning to everyone you know!
► Steps to Prevent Virus are
1. Do not open any files attached to an email from an unknown, suspicious or untrustworthy source
2. Delete chain emails and junk email
3. Exercise caution when downloading files from the Internet.
4. Update your anti-virus software regularly
Topic 4 – Wireless Security
► Wireless Security
A wireless access point is a device that connects multiple wireless devices to form a network
The other terminal of the access point is connected to a wired device
Hence the access point serves as a link between the wireless and wired devices
► Enabling a Static IP
A wireless device automatically assigns IP addresses to the devices that try to connect to the network
Using DHCP on a wireless network can attract a lot of hackers to access your network, because DHCP automatically assigns IP addresses to all users, including the hacker
Hence to provide extra protection, a static IP can be assigned to the devices
► Disabling a SSID broadcast
By default a wireless network device like a router will broadcast the signal to the rest of the world
Along with the message it also broadcasts the SSID (service set identifier)
The SSID is a sequence of case sensitive alphanumeric characters having a length of 32 letters
The service set identifier is the name of the network
Any unknown network device can get connected to this network using the SSID
► Change the default SSID
◊ For a wireless device to connect to a wireless network, it needs to know the SSID of the network
◊ Hence it is advisable to change the SSID of a network to a different and trickier one
► MAC address filtering
◊ A user who is identified as a “legitimate user” by the network will create a list of MAC addresses which are allowed to access his network
◊ If an unknown address (an address not in the MAC address list) tries to access his network, the access will be denied
Topic 5 – Other Security Issues
Other Security Issues
◊ BIOS Security
◊ Hardware Deconstruction and Cycling
◊ Data Migration
Topic 6 - Network Topologies, Network Devices and Network Operating System
Bridges
A bridge is a physical unit with two ports which connects the network segments together and filters the amount of traffic on each network
Switches
1. Switches allow different nodes (a network connection point) of a network to communicate directly with one another in a smooth and efficient manner.
2. On receiving data packets, a switch transfers them only to the intended recipients, preventing the wastage of network bandwidth and optimizing efficiency
Router
1. A router is a device that connects two network interfaces together.
2. The two networks can be either two LANs or WANs or a LAN and its ISP's network.
3. A router routes packets to other networks until each packet ultimately reaches its destination
Network Operating Systems
1. A network operating system can be defined as an operating system that includes special functions for connecting computers and devices into a local area network (LAN).
2. Some of the important network operating systems are UNIX, Mac OS, Novell Network, Windows NT 4.0, Windows 2000 Server, Windows Server 2003
Topic 7 - Configuring Network Interface Card
Network Interface Card (NIC)
1. It is a physical device that connects the computer system to the network wire
2. To connect to the network you need to install the NIC card on the computer
3. Every network card has a unique 48-bit serial number called a MAC address, which is written to ROM carried on the card. Every computer on a network must have a card with a unique MAC address
4. The manufacturer of the NIC provides the driver software which needs to be installed in order to use the NIC
To install the NIC from the Add Hardware Wizard
1. Click Start > Settings > Control Panel.
2. In the Control Panel window, double-click on the Add Hardware icon.
The Add hardware Wizard window is shown below and the NIC is shown below
Topic 8 - Installing a Network Operating System (Windows Server 2003)
► Microsoft introduced Windows Server 2003 in four product editions. They are
1. Windows Server 2003, Standard Edition
2. Windows Server 2003, Enterprise Edition (32-bit, 64-bit versions)
3. Windows Server 2003, Datacenter Edition (32-bit, 64-bit versions)
4. Windows Server 2003, Web Edition
► Pre-installation steps before installing an operating system
Installing Windows Server 2003 Enterprise Edition
1. Text based
2. GUI based
► Post-Installation Steps
1. The welcome screen has the Manage Your Server window. This wizard can be closed if not required.
2. To manually configure the server, open the Manage Your Server applet through the Start menu as shown
Lesson 2 - Internet Technology
Introduction
◊ There are several internet technologies that are used on the internet.
◊ To access the web pages you need to use a browser which can be configured with several settings.
◊ Additionally, you should be able to protect your computers from intruders using Firewall.
Topics covered in this lesson
◊ Internet Terminologies
◊ Connectivity Technologies
◊ Browser Configurations
◊ Firewall Configuration in Windows XP
Topic 1 - Internet Terminologies
Some of the common internet terminologies used in the modern world are
1. ISP
2. E-mail
3. HTML
4. HTTP
5. SSL
6. HTTPS
7. Telnet
8. FTP
9. Newsgroups
► ISP
1. ISP (Internet Service Provider) is an organization that provides access to the Internet for a monthly fee.
2. The ISP provides a username, password and an access phone number to get connected to the internet.
1. Electronic mail (e-mail) is a store and forward method of composing, sending, storing, and receiving messages over electronic communication systems
2. Some of the popular email programs (or email clients) are Microsoft’s Outlook Express and Netscape’s Messenger.
The different types of servers are
1. POP3 (Post Office Protocol version 3)
2. IMAP (Internet Mail Access Protocol)
3. SMTP (Simple Mail Transfer Protocol)
► HTML
1. Hypertext Markup Language (HTML) is a markup language for the creation of web pages
2. The HTML documents consists of HTML elements defined using HTML tags
3. HTTP (Hypertext Transfer Protocol) is the protocol that is used on the World Wide Web
4. It defines how messages are formatted and transmitted
5. HTTP is called a stateless protocol because each command is executed independently
► SSL
1. Secure Sockets Layer (SSL) is a protocol developed by Netscape for transmitting private documents via the Internet
2. The encryption technology used by SSL provides data encryption, server authentication, message integrity, and client authentication for any TCP/IP connection
► HTTPS
1. HTTPS (Secure Hyper Text Transfer Protocol) (S-HTTP) is another protocol that transmits data securely over the internet
2. It is designed to transmit individual messages securely, unlike SSL, which can transmit any amount of data securely between a client and a server
► Telnet
1. It is used to provide user oriented command line login sessions between hosts on the Internet
2. A telnet session can be started by logging in to the server by entering a valid username and password
3. The telnet port is usually port 23
► FTP
1. FTP (File Transfer Protocol) is used to download a file from a server using the Internet or to upload a file to a server
2. To access an FTP site, you must use an FTP client such as WS_FTP and type the URL of the FTP site
► Newsgroups
1. To access a newsgroup, you must use a newsreader program
2. Microsoft’s Outlook Express is the most common of all newsreaders as it comes free with most versions of Windows
3. Else the ISP gives the name of the news server and also a username and password if necessary
Topic 2 - Connectivity Technologies
Internet can be accessed by a variety of methods including telephone, cable, satellite and wireless. Depending on the usage, location and the expenditure a user will have to choose from the following forms of internet given below
1. Dial-up Networking
2. DSL networking
3. ISDN networking
4. Cable
5. Satellite
6. Wireless
7. LAN
► Dial-up Networking
The Dial-up connection can be categorized into two types, analog and digital connection
An analog connection requires a telephone line and modem
► DSL networking
1. Uses a standard telephone line but special equipment on each end to create an all-the-time internet connection
2. Common forms of DSL are Asynchronous (ADSL) and Synchronous (SDSL)
► ISDN networking
1. Integrated Services Digital Network (ISDN) is a circuit switched telephone network system, designed to allow digital transmission of voice and data over ordinary telephone copper wires
► Cable
When a cable company offers Internet access over the cable the downstream data is sent into a 6-MHz channel. Upstream data uses a channel of 2 MHz
Two types of equipment used in cable internet are cable modem on the customer end and a cable modem termination system (CMTS) at the cable provider's end.
► Satellite
1. Satellite Internet services are used in locations where terrestrial Internet access is not available
2. The connection to high speed satellite Internet service is comprised of both indoor and outdoor equipment
3. Outside, there is an antenna and transmit-and-receive electronics, along with a connection to a small dish.
4. This equipment connects by coaxial cable to the Indoor Receive Unit (IRU) and Indoor Transmit Unit (ITU) which connect to your computer through a simple USB connector
The satellite internet mechanism and a reception antenna is shown in the figure below
[Figures: Satellite Internet mechanism; Satellite Internet dish]
► Wireless
1. The wireless Internet means that you must connect to a LAN that is wired to an ISP
► LAN
1. A local area network (LAN) is a group of computers and associated devices that share a common communications line or wireless link.
2. Ethernet is by far the most commonly used LAN technology
Topic 3 - Browser Configurations
1. There are several configurations that can be set on a web browser.
2. The most commonly used web browser is the Microsoft Internet Explorer.
3. The settings on this web browser are found in the Internet Explorer Options, present in the Control Panel applet, or by clicking the Tools menu.
The settings on Internet Explorer are:
1. Proxy Server
2. Security and Scripts
► Proxy Server
1. A proxy server is a computer that allows clients to make indirect network connections to other network services
2. Hence the client computers are configured with the IP address of the server which is directly connected to the network server providing the service
Topic 4 - Firewall Configuration in Windows XP
1. A firewall is a type of security mechanism that acts as a barrier to check the data (often called traffic) coming to the computer from other computers
2. There are two kinds of firewalls
   1. Hardware Firewall
   2. Software Firewall
Conclusion
► Summary
A network is a set of computers or hardware devices connected together physically or logically
A network protocol is software that provides a set of rules for communicating between computers.
The computers in a Windows network communicate with each other using their IP address.
In a Microsoft Windows network, a device can be configured with a static or a dynamic IP address
IPX/SPX (NWLink) is the Microsoft implementation of IPX/SPX
AppleTalk is the proprietary Apple protocol which is small and relatively fast like IPX
◊ Microsoft Windows operating systems provide several command line tools that can be used for troubleshooting any TCP/IP related issues.
◊ The various kinds of resources such as files, folders, entire drives, printers, faxes, Internet connections, etc can be shared on a Windows operating system
◊ There are several terminologies used in the internet. These include, ISP, SSL, Email, HTTP, HTML, FTP, Telnet, etc.
◊ ISP or Internet Service Provider is an organization that provides access to the Internet for a monthly fee.
◊ HTTP (Hypertext Transfer Protocol) is the protocol, which defines how messages are formatted and transmitted
◊ SSL or Secure Sockets Layer provides secure transmission of data between web browsers and web servers.
◊ HTTPS or Secure Hyper Text Transfer Protocol (S-HTTP) is another protocol that transmits data securely over the internet.
◊ Telnet is a terminal emulation program for TCP/IP networks such as the Internet.
◊ Windows XP Professional operating system has a built-in firewall called Internet Connection Firewall (ICF).