Security Concerns and Solutions

Questions and Answers

What is a primary concern related to unauthorized access in computer security?

  • Data encryption for secure transactions
  • Malicious code from outdated antivirus software
  • Unauthorized users accessing sensitive corporate data (correct)
  • Online transactions being unregulated

Which of the following is a recommended user security solution to prevent interception of network traffic?

  • Using a firewall only on the server
  • Local policies restricting user access
  • Data encryption to avoid packet interception (correct)
  • Regularly updating personal passwords

Which of these strategies can significantly reduce the risk of property or data loss?

  • Implementing antivirus software that is updated regularly (correct)
  • Utilizing stringent permissions to all users
  • Limiting system capabilities with local policies
  • Constant monitoring of user behavior

What is one way to mitigate the threat of malicious attacks on network servers?

  • Utilizing a firewall (hardware or software) (B)

Which of the following does not contribute to user security in protecting corporate data?

  • Frequent online transactions without monitoring (D)

What is the primary purpose of chain of custody in legal contexts?

  • To maintain the integrity and admissibility of evidence (A)

What security feature is specifically designed to prevent unauthorized access by tailgating?

  • Mantrap (C)

Which practice is considered a security risk related to password management?

  • Reusing passwords across multiple accounts (A)

What approach should clients take to improve password security?

  • Create longer passwords with a mix of characters (C)

What was a significant finding regarding password disclosure among office workers according to the studies mentioned?

  • A majority would trade their passwords for minimal rewards (B)

What is the purpose of implementing the Principle of Least Privilege?

  • To restrict users’ access to only necessary resources for their job (D)

Which method is NOT recommended for secure deletion of data from devices?

  • Flushing the data cache regularly (B)

Which type of backup saves files that have been accessed since the last backup of any kind?

  • Incremental backup (B)

What is two-factor authentication typically composed of?

  • Two out of three options: something you are, something you have, or something you know (A)

Why is renaming the Administrator account considered a security measure?

  • It disguises the account from being a primary target for attackers (B)

What type of backup only saves files that have changed since the last full backup?

  • Differential backup (A)

What aspect of security policies is crucial for corporate environments?

  • All employees must be familiar with them (A)

What role does determination and vigilance play in data security?

  • They are vital for keeping data/assets secure against threats (D)

Which physical security measure can help avoid data loss due to theft?

  • Industrial system anchors and locks (D)

What technique is commonly used in social engineering to gain unauthorized access?

  • Phishing (A)

What is one of the key recommendations for disaster prevention?

  • Maintain constant temperature in the server room (B)

What should you do to prepare for different types of disasters?

  • Have a plan well in advance (C)

Which strategy can be used to limit downtime after a server failure?

  • Keep spare hardware on hand (A)

Why is it important to educate users about inherent dangers?

  • To enhance overall security awareness (A)

What legal aspect must be understood in the event of a disaster?

  • Personal legal and financial liabilities (D)

What should be done if data needs to be transported offsite?

  • Encrypt the data before transport (A)

Flashcards

Firewall

A software or hardware barrier protecting a network from unauthorized access. It acts like a gatekeeper, allowing only authorized traffic to enter and leave.

Authentication

A process used to verify a user's identity before granting access to a system or data. It ensures that only authorized individuals can access sensitive information.

Data Encryption

A technique used to scramble data into an unreadable format. This protects sensitive information from being intercepted and understood during transmission.

Antivirus Software

Software designed to detect and remove malicious programs (viruses, malware, etc.). It helps protect computers and networks from harmful software attacks.

Local Policies

Rules and guidelines designed to restrict user activities on a system. These limits can help prevent unauthorized actions and safeguard sensitive information.

Physical Security Solutions

Physical security measures are critical for protecting IT systems from theft and unauthorized access. These solutions aim to prevent physical tampering and limit access to sensitive hardware.

Tamper-resistant screws

Tamper-resistant screws prevent unauthorized access to internal components of devices by requiring special tools for removal.

Social Engineering

Social engineering exploits human psychology to gain unauthorized access to systems or information. This can involve deception, manipulation, and exploiting trust.

Phishing

Phishing is a common social engineering tactic that uses deceptive emails or websites to trick users into revealing sensitive information.

Daily Server Backups and Mirrors

Having multiple backup copies of server data, one at the site and one off-site, ensures data recovery in case of disasters like server failures or theft.

Spare Hardware

Having spare hardware readily available minimizes downtime during emergencies. Ideally, replacements should be exact replicas of the original equipment.

Disaster Prevention

Preventive measures ensure the longevity and stability of IT systems, reducing the risk of downtime and data loss. These measures include maintaining optimal environmental conditions and implementing surge protection.

Deep Freeze Software

Deep Freeze software creates a protected environment, effectively rolling back unauthorized changes. This feature is valuable for ensuring system integrity and security.

Principle of Least Privilege

The idea that users should only have access to the resources they need to complete their job, and no more.

Differential Backup

A backup that copies all files that have been changed since the last full backup.

Incremental Backup

A backup that copies all files that have been changed since the last backup, regardless of the type of last backup.

Two-Factor Authentication

A security measure that involves using two or more authentication factors to verify a user's identity.

Secure Deletion

The process of securely deleting data from a device, making it irretrievable.

Administrator Account

An account that is used to manage and configure a system, often targeted by hackers.

Security Policy

A policy that is intended to prevent unauthorized access to data, systems, and networks.

What is Chain of Custody?

A detailed record documenting the handling of evidence. It ensures its integrity and admissibility in legal proceedings. Every step, including who handled the item, is recorded.

What is a Mantrap?

A security feature that only allows one individual to pass through a secure area at a time, preventing unauthorized people from entering by following someone with access.

What is a Honeypot?

A decoy server designed to attract and trap hackers or attackers. This provides insights into threat origin, frequency, and type.

How to advise users on strong passwords?

Encouraging users to change their passwords regularly, using longer phrases, incorporating upper and lowercase letters, numbers, and special characters to improve security.

What is password confidentiality?

The act of revealing a password to unauthorized individuals, often in exchange for trivial items like a pen or chocolate.

Study Notes

Security Concerns

  • Unauthorized users accessing sensitive corporate data (e.g., disgruntled ex-employees, hackers).
  • Intercepting/listening to network traffic (especially wireless).
  • Malicious outside attacks on network servers.
  • Property/data loss due to theft.
  • Property/data loss due to fire.
  • Online transactions.
  • Viral infections.

User Security Solutions

  • Firewalls (hardware or software).
  • Strict user permissions limiting access to necessary data.
  • Authentication methods.
  • Data encryption to prevent interception.
  • Regularly updated antivirus software.
  • Local policies restricting system capabilities.
  • Limiting system access (e.g., no removable drives).

Physical Security Solutions

  • Theft prevention (e.g., tamper-resistant screws, alarms).
  • Closed circuit monitoring.
  • Regular hardware inventory.
  • Secure system anchors and locks.
  • Physical authentication (e.g., proximity cards, fingerprint readers).
  • Limited server access.

Social Engineering

  • Social engineering is a type of "hacking" that manipulates people to gain unauthorized access.
  • Phishing.
  • Impersonation.
  • Shoulder surfing.
  • Baiting (leaving a decoy to lure users).
  • Identity theft.

Plan for Disaster

  • Make daily server backups and mirrors (one on-site, one off-site).
  • Maintain extra hardware for quick replacements to minimize downtime.
  • Prepare a plan for various disasters (e.g., server crash, drive failure, network attack, theft).
  • Begin damage control.

Disaster Prevention

  • Disasters are inevitable.
  • Maintain optimal server/equipment room conditions (temperature, location).
  • Avoid basements to reduce flood damage.
  • Use high-quality surge protection and backup power systems.
  • Implement deterrents to reduce theft.

Disaster Prevention (User Focus)

  • Educate users about security risks.
  • Implement backup/restore system images.
  • Avoid concealing file extensions.
  • Implement software that undoes unauthorized changes.

Disaster Prevention (Technical)

  • Use the correct tools (e.g., do not substitute network intrusion software for firewalls).
  • Understand personal legal/financial liabilities relating to data breaches.
  • If transporting off-site data, be mindful of potential consequences for data falling into the wrong hands.

More Points About Security

  • Act as a security advocate to protect data and assets.
  • Methods used to compromise security evolve, so constant vigilance is required.

A Few More Security Tips

  • Security policies exist (all employees must be familiar with them).
  • Rename administrator accounts and create false accounts (hackers often target Administrator accounts).
  • Limit login attempts to protect accounts.

Backups

  • Backup strategies typically involve a full backup at the beginning of the week.
  • Subsequent backups can be differential (changes since last full) or incremental (changes since last backup).
  • Backup frequency depends on department access patterns.

Authentication

  • Authentication validates the identity of a user accessing a resource.
  • Two-factor authentication is common (something you are, have, or know).
  • Periodic authentication is often required within a system.

Secure Deletion of Data

  • Hard drives: software that overwrites data repeatedly (e.g., DBAN), degaussing, or physical destruction.
  • Optical disks: many shredders have slots for disks; employing industrial shredding services is advised for discarded EOL devices.

Security (Policy & Procedures)

  • Principle of Least Privilege: users only have access to the information necessary for their jobs.
  • Chain of Custody: detailed documentation trails the handling of evidence.

Security (Methods)

  • Mantrap: secure area allowing only one person at a time to pass (mitigates tailgating).
  • Honeypot: decoy server to lure attackers and gather threat intelligence.

Passwords

  • Encourage/force regular password changes.
  • Longer, more complex passwords (upper/lowercase, numbers, symbols) are better.
  • Avoid reusing passwords for multiple accounts.

Password Confidentiality

  • Studies show significant percentages of workers share passwords for small incentives.
  • Password security is crucial, and companies need to implement safeguards and policies to prevent breaches.
