Presentation is loading. Please wait.

Presentation is loading. Please wait.

Windows Vista Inside Out Ch 10: Ch 10: Security Essentials Last modified 9-17-07.

Published byGavin Perry Modified over 8 years ago

Similar presentations

Presentation on theme: "Windows Vista Inside Out Ch 10: Ch 10: Security Essentials Last modified 9-17-07."— Presentation transcript:

1 Windows Vista Inside Out Ch 10: Ch 10: Security Essentials Last modified 9-17-07

2 Understanding Security Threats   Essential Security Measures Firewall Updates Antivirus Antispyware   Security Center In Control Panel

3 Editions  All the security software in this chapter is the same in all editions, except  Parental Controls Only present in Home Basic, Home Premium, and Ultimate Only present in Home Basic, Home Premium, and Ultimate  Group Policy Only present in Business, Enterprise, and Ultimate versions Only present in Business, Enterprise, and Ultimate versions

4 Security Threats  Virus Code that attaches to another program Code that attaches to another program Spreads when the infected program runs Spreads when the infected program runs  Worm A independent program A independent program Usually spreads through networks, by email or instant messaging, or blogs, etc. Usually spreads through networks, by email or instant messaging, or blogs, etc.

5 Security Threats  Spyware Software that is installed without user’s knowledge Software that is installed without user’s knowledge Records personal information Records personal information Causes ads to display Causes ads to display  Trojan Enables remote control of your computer Enables remote control of your computer Your computer becomes part of a botnet Your computer becomes part of a botnet

6 What’s New in Windows Vista   User Account Control (UAC) Helps to prevents installation of software without user’s consent   Windows Firewall Now filters outgoing traffic Advanced configuration console is much more complex than any previous Windows Firewall

7 What’s New in Windows Vista   Windows Defender Antispyware   Internet Explorer Protected Mode   Parental Controls Lets parents control their children’s Internet use and games

8 What’s New in Windows Vista  Data Redirection Standard user accounts use virtualization to prevent changes to protected system folders and the Registry Standard user accounts use virtualization to prevent changes to protected system folders and the Registry  Buffer Overrun Protection Address Space Layout Randomization (ASLR) Make it hard to take over computers with system calls

9 What’s New in Windows Vista  64-bit Vista PatchGuard: only signed drivers are allowed PatchGuard: only signed drivers are allowed  Data Encryption BitLocker Drive Encryption BitLocker Drive Encryption Only on Enterprise and Ultimate editionsOnly on Enterprise and Ultimate editions Encrypting File System Encrypting File System Only fully supported on Business, Enterprise, and Ultimate editions (see link Ch 10a)Only fully supported on Business, Enterprise, and Ultimate editions (see link Ch 10a)

10 What’s New in Windows Vista   Restrictions on removable drives USB flash drives and removable devices can be controlled with Group Policy

11 Preventing Unsafe Actions with User Account Control (UAC)  Administrator accounts have two tokens: one normal, one with administrator privileges  Elevating privileges requires clicking on a User Account Control box

12 What Triggers UAC Prompts  Installing and uninstalling applications  Installing device drivers Unless they are in the Driver Store Unless they are in the Driver Store  Installing ActiveX Controls  Installing Windows Updates   Changing settings for Windows Firewall   Changing UAC settings

13 What Triggers UAC Prompts   Configuring Windows Update   Adding or removing user accounts   Changing a user’s account type   Configuring Parental Controls   Running Task Scheduler   Restoring backed-up system files   Viewing or changing another user’s folders and files

14 Shield Icon  Indicates actions that will require privilege escalation  If you are logged in as a Standard User The “credentials prompt” will ask for administrator credentials The “credentials prompt” will ask for administrator credentials

15 Secure Desktop  The greyed-out desktop that forces you to respond only to the User Account Control box  Prevents other programs from running during this important process

16 Disabling UAC  Control Panel, User Accounts, User Accounts, Turn User Account Control on or off  Puts your computer at risk

17 Working Around UAC Without Disabling It   Use an administrator Command Prompt window No further elevation will be needed   Run as a standard user Fewer elevated options will appear   Use the “Administrator” account Disabled by default Not affected by User Account Control by default

18 Using Group Policy to Customize UAC  Start, GPEDIT.MSC

19 Monitoring Security  Security Center in Control Panel

20 Multiple Security Programs  Running two antivirus applications at the same time can freeze your computer  Two firewalls can be hard to manage, but usually doesn’t crash the machine  Two antispyware applications is commonly done and does no harm

21 Unrecognized Software   If your security software is not recognized, you can turn off the Security Center alerts   To see this message, turn off Windows Firewall and click “Show me my available options” in the Firewall section of Security Center

22 Blocking Intruders with Windows Firewall  You should always run a personal firewall on your computer Even when you work behind a corporate or home firewall Even when you work behind a corporate or home firewall To protect you from your neighbors on the LAN To protect you from your neighbors on the LAN Laptops, USB flash memory sticks, etc. can bring infections inside your firewall Laptops, USB flash memory sticks, etc. can bring infections inside your firewall

23 Windows Firewall  Filters incoming traffic only, by default  Stateful-inspection packet filtering Remembers the requests you made recently Remembers the requests you made recently Allows incoming traffic only if you requested it Allows incoming traffic only if you requested it You can set exceptions to allow unsolicited incoming traffic You can set exceptions to allow unsolicited incoming traffic  This is safer than stateless firewalls They filter only by IP address, port, or protocol They filter only by IP address, port, or protocol

24 New Windows Firewall Features  Can filter outgoing traffic   Windows Firewall With Advanced Security console allows many more settings   Exceptions can be configured for Services Active Directory accounts and groups, and more   Three separate profiles Domain, Private non-domain, or Public

25 Tools for Managing Windows Firewall   Windows Firewall, in Control Panel   Windows Firewall With Advanced Security A snap-in for Microsoft Management Console (MMC)   Group Policy Object Editor Available only in Business, Enterprise, and Ultimate editions   The Netsh utility Command-line tool

26 Firewall Profiles  Domain Your computer is joined to an Active Directory domain Your computer is joined to an Active Directory domain Firewall settings usually controlled by settings on the Domain Controller Firewall settings usually controlled by settings on the Domain Controller  Private Your computer is connected to a Home or Work network in a workgroup configuration Your computer is connected to a Home or Work network in a workgroup configuration  Public Airport, library, coffehouse, etc. Airport, library, coffehouse, etc.

27 Firewall Profiles  Press Logo key  Enter "firewall"  Open "Windows Firewall with Advanced Security"  Notice that the profile you are using now is marked "Active"

28 Windows Firewall Settings  In Control Panel, in "Security" section, click "Allow a program through Windows Firewall"  Here you are controlling only the current profile  Demo: Turn off firewall, observe the change in "Windows Firewall with Advanced Security"

29 Allowing Connections Through the Firewall  You will need exceptions any time you want your computer to act as a server Print server Print server File Server File Server Windows Meeting Space Windows Meeting Space Games Games  All these functions require your computer to accept unsolicited incoming traffic

30 Exceptions  Checking a box here lets a program through the firewall  If the item you need is not visible, use the "Add program…" or "Add port…" buttons

31 Firewall Alerts  Clicking "Unblock" on this alert does the same thing as checking the box on the Exceptions tab

32 Windows Update  Start, All Programs, Windows Update

33 Updating Many Computers  If you have a network of computers at a business, automatic updates are not the best practice It ties up your Internet connection It ties up your Internet connection Not all machines get the same updates at the same time Not all machines get the same updates at the same time Some updates may be harmful to your software, so you want to block them Some updates may be harmful to your software, so you want to block them

34 Microsoft Update Catalog   Link Ch 10b   Stand-alone installable versions of each update for Windows   Includes "all supported versions"   BUT try searching for MS04-011, no Win 2000 updates appear See link Ch 10c

35 Windows Server Update Services (WSUS)   Runs on Windows Server 2003 or 2008   Downloads updates from Microsoft   Computers get updates from the WSUS server, not Microsoft   See link Ch 10d

36 Antivirus Software  Microsoft recommends these vendors for Vista antivirus software  For details, see link Ch 10e  For independently certified antivirus products, see link Ch 10f

37 Cleaning an Infected System   Microsoft's Malicious Software Removal Tool (MSRT) Link Ch 10g   McAfee Stinger Link Ch 10h

38 Stopping Spyware with Windows Defender  Spyware causes things like: Unexpected new toolbars, favorites, and links in your web browser Changes to your browser’s home page and default search provider Numerous pop-up ads Sudden occurrence of computer crashes or slow performance

39 Windows Defender  Press Logo key, type in DEF  Scans each day, by default

40 Real-Time Protection  In Windows Defender, Tools, Options

41 Parental Controls  Only in Home Basic, Home Premium, and Ultimate Editions

42 Activity Viewer

Download ppt "Windows Vista Inside Out Ch 10: Ch 10: Security Essentials Last modified 9-17-07."

Similar presentations

®® Microsoft Windows 7 for Power Users Tutorial 7 Enhancing Your Computers Security.

®® Microsoft Windows 7 for Power Users Tutorial 7 Enhancing Your Computers Security.
Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.

Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Support for Windows 7 Chapter 2 Securing and Troubleshooting Windows 7.

Support for Windows 7 Chapter 2 Securing and Troubleshooting Windows 7.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
A Quick Review of Unit 2 – Using Windows 7 Computing Fundamentals © CCI Learning Solutions.

A Quick Review of Unit 2 – Using Windows 7 Computing Fundamentals © CCI Learning Solutions.
Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.

Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.
Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.

Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
Spring 2008 www.umsl.edu/~iclabs. Definitions  Virus  A virus is a piece of computer code that attaches itself to a program or file so it can spread.

Spring Definitions  Virus  A virus is a piece of computer code that attaches itself to a program or file so it can spread.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
File sharing. Connect the two win 7 systems with LAN card Open the network.

File sharing. Connect the two win 7 systems with LAN card Open the network.
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.

11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.
Guide to MCSE 70-290, Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.

Guide to MCSE , Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.
Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.

Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
With Microsoft Windows 7© 2012 Pearson Education, Inc. Publishing as Prentice Hall1 PowerPoint Presentation to Accompany GO! with Microsoft ® Windows 7.

With Microsoft Windows 7© 2012 Pearson Education, Inc. Publishing as Prentice Hall1 PowerPoint Presentation to Accompany GO! with Microsoft ® Windows 7.
P6 - CONFIGURE THE SOFTWARE. CONFIGURE SOFTWARE Most software can be configured to suit an individual user, for example by changing the appearance of.

P6 - CONFIGURE THE SOFTWARE. CONFIGURE SOFTWARE Most software can be configured to suit an individual user, for example by changing the appearance of.

Similar presentations

Ads by Google