1100 Ch13: Security

Questions and Answers

What is the purpose of InPrivate browsing in MS Edge?

• To disable all internet connections.
• To permanently save browsing data.
• To enhance download speeds.
• To browse anonymously without retaining information. (correct)

What is a common characteristic of unwanted pop-ups?

• They always provide substantial information.
• They help enhance user experience.
• They are initiated by advertisers or websites. (correct)
• They are always automatically blocked.

How can the SmartScreen Filter in MS Edge help users?

• By enhancing video playback quality.
• By analyzing websites for suspicious items. (correct)
• By permanently deleting cookies.
• By blocking all advertisements.

To enable ActiveX filtering in web browsers, what should users be cautious about?

ActiveX controls can be used for malicious purposes. (B)

Which menu option allows you to access the Clear browsing data feature in MS Edge?

Privacy, search, and services. (C)

What is a primary function of pop-up blockers in web browsers?

To limit or block unwanted pop-up windows. (D)

What must be selected to open an InPrivate window in MS Edge?

New InPrivate window. (D)

Which feature in Microsoft Edge specifically detects phishing websites?

SmartScreen Filter. (A)

What happens to cookies and files after ending an InPrivate browsing session?

They are deleted. (C)

What is the main purpose of enabling ActiveX filtering in Internet Explorer 11?

To allow only approved websites to run ActiveX controls (B)

What action is recommended to enhance security in AutoPlay settings?

Disable AutoPlay to prevent automatic running of media (C)

What is the main difference between AutoRun and AutoPlay?

AutoRun runs automatically, AutoPlay requires user input (A)

How can you disable AutoPlay on a Windows system?

Use Control Panel, uncheck AutoPlay option, and save (B)

What does a service pack usually contain?

Combined patches and upgrades for security improvements (D)

What happens when ActiveX filtering is turned on for a website?

Only ActiveX controls from approved sites can run (A)

What is the key reason for applying security patches and OS updates?

To protect against newly discovered vulnerabilities (B)

What is the primary function of email filters?

To filter email messages before they reach the user's inbox. (D)

Which action is NOT recommended when encountering a suspicious warning window?

Click inside the warning window. (B)

What method do Linux users use to prevent installation of untrusted software?

Cryptographic signing with a public key. (B)

What is a potential risk of installing software from untrusted sources?

It may spread malware like Trojans. (A)

What is the role of User Account Control (UAC) in preventing malware installation on Windows?

It restricts installation of untrusted software. (C)

Which feature helps users detect rogue antivirus products while browsing?

SmartScreen filter. (C)

Which mobile OS model helps prevent the installation of untrusted software?

Walled garden model. (D)

What regular action is necessary to ensure anti-malware software remains effective?

Updating the software regularly. (B)

What should users do if a suspicious tab or warning does not close normally?

Scan using a trusted antivirus program. (B)

Flashcards

ActiveX Filtering

A security feature in Internet Explorer that lets you control which websites can run ActiveX controls.

ActiveX controls

Small programs that can add extra features to websites.

AutoPlay

A feature that automatically runs programs when new media is inserted into a computer.

Autorun.inf

A special file that can be used to automatically run programs when new media (like a CD) is inserted into a computer.

Security Patches

Updates to software that help prevent new attacks.

Service Pack

A collection of security patches and upgrades.

Disable AutoPlay

A critical security measure to avoid running malware automatically.

InPrivate Browsing

A mode in web browsers that temporarily stores browsing data and deletes it when the session ends. This helps to protect privacy by preventing the browser from retaining information about your browsing activity.

Pop-Up Blocker

A feature in web browsers that prevents pop-up windows from appearing, usually those that are unwanted or annoying.

SmartScreen Filter

A feature provided by Microsoft Edge that checks websites and downloads for malicious content, protecting users from phishing attacks and other online threats.

How to Clear Browsing Data in Edge

Go to Settings > Privacy, search, and services > Choose what to clear and select the time range and data to delete.

How to Open an InPrivate Window in Edge

Click the More actions icon (...) in the top right corner, then choose New InPrivate window.

How to Enable SmartScreen Filter

Go to Settings > Privacy, search, and services, scroll down to Security and ensure Microsoft Defender SmartScreen is set to 'On'.

How to Disable ActiveX Controls

To disable ActiveX controls, you may need to check the settings of your web browser.

Email Filters

A line of defense against email threats like spam, viruses, and malware. It filters messages before reaching your inbox and can scan attachments before opening.

Blacklists and Whitelists

Email filters allow you to create lists of known spammer or safe domains to better control incoming messages.

Rogue Antivirus Products

Malicious software disguised as legitimate antivirus programs. They often display fake warnings and trick you into downloading them.

How to Spot Rogue Antivirus

Look for suspicious warning windows that appear while browsing, especially ones claiming your computer is infected. If unsure, NEVER click inside the window.

Windows User Security

Windows uses Administrator and Standard User accounts, User Account Control (UAC), and system policies to prevent untrusted software installation.

Linux Software Installation

Linux prompts users to install software if it's not trusted. Software is signed with a private key and requires a matching public key.

Mobile OS Security

Mobile operating systems like iOS and Android use a walled garden model, restricting app installation to approved stores.

Software Signature Updates

Anti-malware software needs regular updates because new malware is constantly being created.

Study Notes

Chapter 13: Security

• Attacks threaten computer security and data, including physical equipment (servers, switches, wiring) and data (access, theft, loss).
• Malware is a significant threat, encompassing viruses, Trojans, adware, ransomware, rootkits, spyware, and worms.
• Common attacks include TCP/IP attacks (DoS, spoofing, syn flood, man-in-the-middle), and social engineering (phishing, pretexting, baiting, dumpster diving).
• Security policy defines the objectives for protecting network, data, and computers within an organization. It specifies authorized users, password requirements, and acceptable network usage, along with incident response procedures for remote users.
• Host-based firewalls, like Windows Defender, manage access to programs and ports.
• Wireless security configuration is critical for protecting networks.
• Troubleshooting security problems involves six documented steps.
• Malware is malicious software designed by cybercriminals to disrupt systems and networks.
• Malware is typically installed secretly and, once active, can modify computer settings, delete files, and corrupt hard drives.

Malware Types

• Viruses: Self-replicating programs that attach to code, software, or documents. They can alter files, corrupt applications, and send sensitive information.
• Trojan Horses: Disguised as legitimate software, they give attackers unauthorized access to a system.
• Adware: Software that displays advertisements.
• Ransomware: Software that encrypts files and demands a ransom for decryption keys.
• Rootkit: A specialized type of software that gives the perpetrator administrator account-level access.
• Spyware: Software that gathers information without user consent.
• Worms: Self-replicating programs that use network vulnerabilities to spread. Attackers may use these programs to slow or disrupt network operations.

How Malware Infects

• Users visiting infected websites
• Outdated antivirus software
• Vulnerable web browsers
• Downloading "free" programs
• Opening unsolicited email
• Exchanging files on file-sharing sites
• Infected computers sharing files
• USB devices found in public areas
• Opening attachments from instant messaging or social media
• Non-compliant systems (lacking updates and security software) are particularly susceptible.

Malware Removal

• Identify and research symptoms.
• Quarantine infected systems.
• Disable system restore in Windows.
• Remediate infected systems.
• Run scheduled scans and updates.
• Enable System Restore and create restore points.
• Educate the end user.

Anti-Malware Programs

• Anti-malware programs (antivirus) continuously scan for known malware signatures and behaviors.
• Anti-malware programs should be up to date to provide the latest protection against the newest viruses
• Using several anti-malware packages in combination slows down the computer.
• Anti-malware programs may automatically quarantine or delete detected threats, or prompt the user.

Protecting Against Social Engineering

• Train users to recognize social engineering tactics (phishing, pretexting, baiting, dumpster diving).
• Implement a security policy outlining acceptable use, password rules, and response to security incidents.
• Install firewalls and security software.
• Use strong passwords.
• Lock or sign out of computers when unattended.

Physical Security

• Secure entrances and restricted areas to prevent tailgating, and shoulder surfing.
• Use security systems like mantraps to limit entry points.
• Secure network equipment to prevent tampering and theft.
• Limit access to sensitive data.

Data Protection

• Backups are important because of potential security issues and data loss.
• Security for backup data is important.
• Implement encryption, access controls, and secure storage for backup data.
• Regularly validate backups to ensure accuracy and usability.

Common Security Policies

• Acceptable Use Policies: Define acceptable network resource uses.
• Remote Access Policies: Specify how remote users can access the network.
• Network Maintenance Policies: Outline procedures for network device management.
• Incident Handling Policies: Outline security response actions upon incident discovery.
• Identification & Authentication Policies: Identify authorized users with outlined verification procedures.
• Password Policies: Enforce password length, complexity, and regular changes.

Wireless Security

• Secure Wi-Fi networks using strong passwords.
• Change default passwords for networks.
• Do not broadcast the Wi-Fi network name.

System Configurations

• Review Windows Firewall settings.
• Configure security policies in Windows.
• Use the Windows Firewall with Advanced Security tool as necessary.

Cryptography

• Hash encoding verifies message integrity.
• Asymmetric encryption relies on two keys, with public key available.
• Symmetric encryption uses a single key.