1100 Ch13: Security

Questions and Answers

What is the purpose of InPrivate browsing in MS Edge?

To disable all internet connections.

To permanently save browsing data.

To enhance download speeds.

To browse anonymously without retaining information. (correct)

What is a common characteristic of unwanted pop-ups?

They always provide substantial information.

They help enhance user experience.

They are initiated by advertisers or websites. (correct)

They are always automatically blocked.

How can the SmartScreen Filter in MS Edge help users?

By enhancing video playback quality.

By analyzing websites for suspicious items. (correct)

By permanently deleting cookies.

By blocking all advertisements.

To enable ActiveX filtering in web browsers, what should users be cautious about?

ActiveX controls can be used for malicious purposes.

Which menu option allows you to access the Clear browsing data feature in MS Edge?

Privacy, search, and services.

What is a primary function of pop-up blockers in web browsers?

To limit or block unwanted pop-up windows.

What must be selected to open an InPrivate window in MS Edge?

New InPrivate window.

Which feature in Microsoft Edge specifically detects phishing websites?

SmartScreen Filter.

What happens to cookies and files after ending an InPrivate browsing session?

They are deleted.

What is the main purpose of enabling ActiveX filtering in Internet Explorer 11?

To allow only approved websites to run ActiveX controls

What action is recommended to enhance security in AutoPlay settings?

Disable AutoPlay to prevent automatic running of media

What is the main difference between AutoRun and AutoPlay?

AutoRun runs automatically, AutoPlay requires user input

How can you disable AutoPlay on a Windows system?

Use Control Panel, uncheck AutoPlay option, and save

What does a service pack usually contain?

Combined patches and upgrades for security improvements

What happens when ActiveX filtering is turned on for a website?

Only ActiveX controls from approved sites can run

What is the key reason for applying security patches and OS updates?

To protect against newly discovered vulnerabilities

What is the primary function of email filters?

To filter email messages before they reach the user's inbox.

Which action is NOT recommended when encountering a suspicious warning window?

Click inside the warning window.

What method do Linux users use to prevent installation of untrusted software?

Cryptographic signing with a public key.

What is a potential risk of installing software from untrusted sources?

It may spread malware like Trojans.

What is the role of User Account Control (UAC) in preventing malware installation on Windows?

It restricts installation of untrusted software.

Which feature helps users detect rogue antivirus products while browsing?

SmartScreen filter.

Which mobile OS model helps prevent the installation of untrusted software?

Walled garden model.

What regular action is necessary to ensure anti-malware software remains effective?

Updating the software regularly.

What should users do if a suspicious tab or warning does not close normally?

Scan using a trusted antivirus program.

Study Notes

Chapter 13: Security

• Attacks threaten computer security and data, including physical equipment (servers, switches, wiring) and data (access, theft, loss).
• Malware is a significant threat, encompassing viruses, Trojans, adware, ransomware, rootkits, spyware, and worms.
• Common attacks include TCP/IP attacks (DoS, spoofing, syn flood, man-in-the-middle), and social engineering (phishing, pretexting, baiting, dumpster diving).
• Security policy defines the objectives for protecting network, data, and computers within an organization. It specifies authorized users, password requirements, and acceptable network usage, along with incident response procedures for remote users.
• Host-based firewalls, like Windows Defender, manage access to programs and ports.
• Wireless security configuration is critical for protecting networks.
• Troubleshooting security problems involves six documented steps.
• Malware is malicious software designed by cybercriminals to disrupt systems and networks.
• Malware is typically installed secretly and, once active, can modify computer settings, delete files, and corrupt hard drives.

Malware Types

• Viruses: Self-replicating programs that attach to code, software, or documents. They can alter files, corrupt applications, and send sensitive information.
• Trojan Horses: Disguised as legitimate software, they give attackers unauthorized access to a system.
• Adware: Software that displays advertisements.
• Ransomware: Software that encrypts files and demands a ransom for decryption keys.
• Rootkit: A specialized type of software that gives the perpetrator administrator account-level access.
• Spyware: Software that gathers information without user consent.
• Worms: Self-replicating programs that use network vulnerabilities to spread. Attackers may use these programs to slow or disrupt network operations.

How Malware Infects

• Users visiting infected websites
• Outdated antivirus software
• Vulnerable web browsers
• Downloading "free" programs
• Opening unsolicited email
• Exchanging files on file-sharing sites
• Infected computers sharing files
• USB devices found in public areas
• Opening attachments from instant messaging or social media
• Non-compliant systems (lacking updates and security software) are particularly susceptible.

Malware Removal

• Identify and research symptoms.
• Quarantine infected systems.
• Disable system restore in Windows.
• Remediate infected systems.
• Run scheduled scans and updates.
• Enable System Restore and create restore points.
• Educate the end user.

Anti-Malware Programs

• Anti-malware programs (antivirus) continuously scan for known malware signatures and behaviors.
• Anti-malware programs should be up to date to provide the latest protection against the newest viruses
• Using several anti-malware packages in combination slows down the computer.
• Anti-malware programs may automatically quarantine or delete detected threats, or prompt the user.

Protecting Against Social Engineering

• Train users to recognize social engineering tactics (phishing, pretexting, baiting, dumpster diving).
• Implement a security policy outlining acceptable use, password rules, and response to security incidents.
• Install firewalls and security software.
• Use strong passwords.
• Lock or sign out of computers when unattended.

Physical Security

• Secure entrances and restricted areas to prevent tailgating, and shoulder surfing.
• Use security systems like mantraps to limit entry points.
• Secure network equipment to prevent tampering and theft.
• Limit access to sensitive data.

Data Protection

• Backups are important because of potential security issues and data loss.
• Security for backup data is important.
• Implement encryption, access controls, and secure storage for backup data.
• Regularly validate backups to ensure accuracy and usability.

Common Security Policies

• Acceptable Use Policies: Define acceptable network resource uses.
• Remote Access Policies: Specify how remote users can access the network.
• Network Maintenance Policies: Outline procedures for network device management.
• Incident Handling Policies: Outline security response actions upon incident discovery.
• Identification & Authentication Policies: Identify authorized users with outlined verification procedures.
• Password Policies: Enforce password length, complexity, and regular changes.

Wireless Security

• Secure Wi-Fi networks using strong passwords.
• Change default passwords for networks.
• Do not broadcast the Wi-Fi network name.

System Configurations

• Review Windows Firewall settings.
• Configure security policies in Windows.
• Use the Windows Firewall with Advanced Security tool as necessary.

Cryptography

• Hash encoding verifies message integrity.
• Asymmetric encryption relies on two keys, with public key available.
• Symmetric encryption uses a single key.

Description

Explore the various threats to computer security, including malware and common attack methods such as TCP/IP attacks and social engineering tactics. This chapter also outlines the importance of security policies and troubleshooting steps necessary for protecting networks and data. Dive into the critical measures needed to ensure wireless security configurations are in place.