Section 12 MUST BE COMPLETED BY: 4/22



Similar documents
Chapter 15: Computer and Network Security

Security. TestOut Modules

MCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features

Practice test Domain-2 Security (Brought to you by RMRoberts.com)

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003

Using Remote Desktop Clients

JK0 015 CompTIA E2C Security+ (2008 Edition) Exam

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

Critical Security Controls

11 NETWORK SECURITY PROJECTS. Project Understanding Key Concepts. Project Using Auditing and Event Logs. Project 11.3

AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION PROGRAM UNIT FIVE. Microsoft Windows Security.

Medical Networks and Operating Systems

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks

Common Cyber Threats. Common cyber threats include:

Windows Operating Systems. Basic Security

Cyber Security Awareness

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

Locking down a Hitachi ID Suite server

Cyber Security Awareness

SonicWALL PCI 1.1 Implementation Guide

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:

Ovation Security Center Data Sheet

Critical Controls for Cyber Security.

CUSTOMIZED ASSESSMENT BLUEPRINT COMPUTER SYSTEMS NETWORKING PA. Test Code: 8148 Version: 01

Introduction. PCI DSS Overview

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Secure Your Mobile Workplace

Question Name C 1.1 Do all users and administrators have a unique ID and password? Yes

Did you know your security solution can help with PCI compliance too?

Global Partner Management Notice

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO p f

CompTIA Security+ (Exam SY0-410)

9 Simple steps to secure your Wi-Fi Network.

Data Access Request Service

Payment Card Industry Self-Assessment Questionnaire

CNA NetProtect Essential SM. 1. Do you implement virus controls and filtering on all systems? Background:

GFI White Paper PCI-DSS compliance and GFI Software products

Best Practices For Department Server and Enterprise System Checklist

FBLA Cyber Security aligned with Common Core FBLA: Cyber Security RST RST RST RST WHST WHST

Chapter 4 Application, Data and Host Security

Designing a security policy to protect your automation solution

Security Awareness. Wireless Network Security

Jort Kollerie SonicWALL

Presented by: Mike Morris and Jim Rumph

Seven Strategies to Defend ICSs

Top tips for improved network security

Remote Deposit Terms of Use and Procedures

Sophos Enterprise Console Help. Product version: 5.1 Document date: June 2012

Defending Against Data Beaches: Internal Controls for Cybersecurity

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

Codes of Connection for Devices Connected to Newcastle University ICT Network

Building A Secure Microsoft Exchange Continuity Appliance

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0

NETWORK AND INTERNET SECURITY POLICY STATEMENT

McAfee.com Personal Firewall

Introduction (Contd )

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Larry Wilson Version 1.0 November, University Cyber-security Program Critical Asset Mapping

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

University System of Maryland University of Maryland, College Park Division of Information Technology

CTS2134 Introduction to Networking. Module Network Security

"Charting the Course to Your Success!" MOC D Windows 7 Enterprise Desktop Support Technician Course Summary

ADM:49 DPS POLICY MANUAL Page 1 of 5

How To Protect Your Network From Attack From A Virus And Attack From Your Network (D-Link)

Chapter 9 Firewalls and Intrusion Prevention Systems

Security Management. Keeping the IT Security Administrator Busy

Ovation Security Center Data Sheet

Guideline on Auditing and Log Management

Student Halls Network. Connection Guide

Windows 7, Enterprise Desktop Support Technician

Firewall and UTM Solutions Guide

Windows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led

Universities and Schools Under Cyber-Attack: How to Protect Your Institution of Excellence

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

modules 1 & 2. Section: Information Security Effective: December 2005 Standard: Server Security Standard Revised: Policy Ref:

Configuring Routers and Their Settings

Fundamentals of Network Security - Theory and Practice-

Client Guide for Symantec Endpoint Protection and Symantec Network Access Control

High Speed Internet - User Guide. Welcome to. your world.

NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS

The information contained in this session may contain privileged and confidential information. This presentation is for information purposes only.

8 Steps for Network Security Protection

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

8 Steps For Network Security Protection

Industrial Security for Process Automation

OSU INSTITUTE OF TECHNOLOGY POLICY & PROCEDURES

74% 96 Action Items. Compliance

Symantec Endpoint Protection Small Business Edition Installation and Administration Guide

Host-based Intrusion Prevention System (HIPS)

OCR LEVEL 3 CAMBRIDGE TECHNICAL

Transcription:

Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege Require passwords Use strong passwords Use file and folder permissions Disable the Guest user account Don t use default user names Disable autorun Apply the Principle of Least Privilege to increase the security of a Windows workstation. Implement strong passwords. Use file and folder permissions to restrict access to information on a Windows workstation. Disable high-risk user accounts, such as Guest, on a Windows workstation. Disable autorun on a Windows workstation. What are the characteristics of a strong password? How can file and folder permissions be used to restrict access to information on a workstation? Which default Windows user accounts should you secure? 12.1.1 Best Practices for Securing Workstations 14:09 Implement Workstation Security 4 questions Total About 25 minutes

Section 12.2: Physical Security This section discusses the following methods of physically securing computer systems: Building security Hardware locks Lock the workstation Computer tracking service Removable storage Storage media disposal Mobile devices Wipe data from a hard disk prior to disposal. Configure a screen saver and require a password to lock the Windows desktop. What precautions should you implement for good physical security for a building? How can you prevent laptops and their components from being stolen? How can you secure unattended Windows computers? What measures can you implement to protect data on stolen laptops? What is the difference between a user password and an administrator password set in the BIOS? What is the difference of securely disposing of magnetic media and securely disposing of optical media? 12.2.1 Physical Security 19:39 12.2.3 Data Disposal and Destruction 10:05 12.2.4 Wiping a Disk 7:35 12.2.5 Configuring a Screen Saver Password 5:20 Total 42:39 Require a Screen Saver Password 6 questions About 60 minutes

Section 12.3: Social Engineering In this section students will learn how social engineering exploits human nature to convince someone to perform an activity. Concepts discussed include: Examples of social engineering Social engineering attacks: o Dumpster diving o Shoulder surfing o Piggybacking o Masquerading o Eavesdropping o Phishing Countermeasures to social engineering What characteristics of human nature does social engineering exploit? Who is usually the target in social engineering? How can dumpster diving give attackers valuable information? What is the best defense against a social engineering attack? 12.3.1 Social Engineering 8:25 7 questions Total About 20 minutes

Section 12.4: BIOS Security In this section students will learn the basics of BIOS security. Concepts covered include: Security-related features in the BIOS o BIOS passwords o Chassis intrusion detection o Hard disk password o Trusted Platform Module (TPM) Clear BIOS passwords and settings. Configure BIOS and hard disk passwords. Enable and reset chassis intrusion detection. Initialize a TPM. What is the difference between a user and an administrator password in the BIOS? Why do BIOS passwords offer little system protection? How does chassis intrusion detection help to secure the BIOS? How does a hard disk password differ from a BIOS password? What happens to the hard disk password if the disk is moved to another system? What is the function of the TPM? Where is the TPM chip located? 12.4.1 BIOS Security 9:52 12.4.2 Configuring BIOS Security Settings 8:04 Total 17:56 Configure BIOS Security 5 questions Total About 30 minutes

Section 12.5: Malware Protection In this section students will learn the basics of protecting against malware. Concepts covered include: Common malware o Virus o Worm o Trojan horse o Rootkit o Spyware o Adware o Grayware o Spam Using anti-virus software to protect against malware Additional countermeasures for malware Malicious code Considerations about protecting against malware Symptoms of malware Remediation Actions to recover from malware Install and configure malware protection software. Update malware definition files. Research virus hoaxes using Internet sources. Scan and repair infected files and systems. What is the role of a signature file when using anti-malware software to protect a system? How and when should you keep the signature files up to date? What are some common symptoms that might make you suspect that your system is infected with malware? When your system is infected with malware, what remediation actions might your antivirus software prompt you to select from? What is the process of quarantining a file? Why is user education often the best protection against malware? 12.5.1 Malware 3:39 12.5.2 Implementing Malware Protection 4:57 12.5.4 Malware Protection 13:08 12.5.5 Implementing Virus Protection 15:25 Total 37:09 18 questions Total About 70 minutes

Section 12.6: Authentication This section discusses using authentication to validate a user s identity. Topics covered include: Authentication credentials o Password o Smart card o Biometric Categories of authentication factors: o Something the user knows o Something the user has o Something the user is Multifactor authentication Password weaknesses Strong password policy Control passwords with policy settings: o Password Policy settings: Minimum password length Password complexity Maximum password age Minimum password age Enforce password history o Account Lockout Policy settings: Account lockout threshold Account lockout duration Reset account lockout counter after Troubleshooting user authentication Unlock a locked user account. Reset a password with or without a password reset disk. Log on to a remote computer. 12.6.1 Authentication 16:34 12.6.4 Configuring Password Policies 13:52 12.6.6 Using a Biometric Scanner 3:41 12.6.7 Managing Authentication 1 13:10 12.6.8 Managing Authentication 2 11:20 Total 58:37 Enforce Password Settings 14 questions Total About 90 minutes

Section 12.7: Encryption This section discusses using encryption to secure data by obscuring it from those who do not have the required key to access the data. Details about the following are presented: Types of encryption: o File encryption o Disk encryption o Data transmission encryption Encrypt files and add authorized users. How does file encryption differ from disk encryption? What is the role of a TPM when implementing whole disk encryption? What protocols are commonly used to establish a VPN? Which protocol is typically used for Web transactions? What protocols are commonly used to encrypt and secure wireless communications? 12.7.1 Encryption 5:08 12.7.3 Encrypting Files 8:45 Total 13:53 Encrypt Files 9 questions Total About 30 minutes

Section 12.8: Network Security This section discusses securing a network. Details about the following are presented: Best practices for a wired network: o Physical security o Unnecessary software o User accounts o Usernames and passwords o MAC address filtering o Static IP addressing o Disabling ports Best practices for a wireless network: o Usernames and passwords o SSID names o SSID broadcast o Encryption o MAC address filtering o Static IP addressing o Data emanation Physically secure a wired or wireless network. Control access to a wired network by disabling switch ports. Control access to a wired or wireless network by implementing MAC address filtering. Secure a wired or wireless network with static IP address assignments. Secure a wireless network access point. Prevent data emanation from a wireless network. What steps should be taken to physically secure a wired network? Which ports on a network switch should be disabled? What is the effect of unnecessary or unused software installed on a workstation or server? What can be done to make usernames and passwords more secure? How can MAC address filtering increase the security of a wired or wireless network? Is using static IP address assignments more secure than using dynamic assignments via DHCP? What can be done to secure a wireless network access point? How can you keep a wireless network's radio signal from emanating outside your facility or campus? 12.8.1 Wired Network Security Best Practices 17:45 12.8.3 Wireless Network Security Best Practices 14:57 Total 32:42 4 questions Total About 45 minutes

Section 12.9: Firewalls This section discusses using firewalls to inspect network traffic and allow or block traffic based on a set of rules. Concepts covered include: Types of firewalls: o Network-based firewall o Host-based firewall Filtering rules use characteristics of the traffic to identify allowed and blocked traffic. In Windows Firewall, you can configure two exception types: o Program o Port Identifying the traffic type for networkbased firewalls: o Port triggering o Port forwarding Port numbers for common network protocols Enable the Windows firewall. Open and close ports in the Windows firewall. Configure a network-based firewall using port forwarding. Configure a network-based firewall using port triggering. Why is using a firewall important when connecting your computer to the Internet? What information does the firewall use to allow or prevent communication? What are the disadvantages of using a firewall? 12.9.1 Introduction to Firewalls 8:01 12.9.2 Firewalls 10:39 12.9.3 Configuring Windows Firewall 3:50 12.9.4 Configuring a Network-Based Firewall 13:46 Total 36:16 Configure the Windows Firewall 9 questions Total About 55 minutes

Section 12.10: Proxy Servers This section discusses the role of a proxy server. Configure Internet Explorer to use a proxy server. What is the function of a proxy server and how can it be used to control access of Internet traffic? 12.10.1 Proxy Servers 4:49 12.10.2 Configuring Proxy Settings 5:25 Total 10:14 Use a Proxy Server 4 questions Total About 20 minutes

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information