1. Understand Internet Security LESSON 1.3 98-367 Security Fundamentals

2. LESSON 1.3 Lesson Overview We will discuss the importance of Web Security. In this lesson, you will learn:  Web browser settings  Secure zones  Secure websites

3. 98-367 Security Fundamentals LESSON 1.3 Anticipatory Set  Searching the Internet, find at least 5 different websites that are secure sites. How do you determine which are secure and which aren’t?

4. 98-367 Security Fundamentals LESSON 1.3 Security Zones  Internet Zone o This zone contains websites that are not on your computer or on your local intranet, or that are not already assigned to another zone. The default security level is medium.

5. 98-367 Security Fundamentals LESSON 1.3  Local Intranet Zone o By default, the Local Intranet zone contains all network connections that were established by using a universal naming convention (UNC) path, and websites that bypass the proxy server or have names that do not include periods (for example, http://local), as long as they are not assigned to either the Restricted Sites or Trusted Sites zone. o The default security level for the Local Intranet zone is set to Medium (Internet Explorer ® 4) or Medium-low (Internet Explorer 5 and 6).

6. 98-367 Security Fundamentals LESSON 1.3  Trusted Sites Zone o This zone contains websites that you trust as safe (such as websites that are on your organization's intranet or that come from established companies in whom you have confidence). o When you add a website to the Trusted Sites zone, you believe that files you download or that you run from the website will not damage your computer or data. o By default, there are no websites that are assigned to the Trusted Sites zone, and the security level is set to Low.

7. 98-367 Security Fundamentals LESSON 1.3  Restricted Sites Zone o This zone contains websites that you do not trust. When you add a website to the Restricted Sites zone, you believe that files that you download or run from the website may damage your computer or your data. By default, there are no websites that are assigned to the Restricted Sites zone, and the security level is set to High. The Restricted Sites zone contains websites that are not on your computer or on your local intranet, or that are not already assigned to another zone. The default security level is Medium.

8. 98-367 Security Fundamentals LESSON 1.3 Assignment Identify types of Windows ® secure point-to-point communications  SSH – Secure Shell (SSH) Sometimes known as Secure Socket Shell, is a Unix-based command interface and protocol for getting secure access to a remote computer. It is widely used by network administrators to control Web and other kinds of servers remotely.  IPSec – Short for Internet Protocol Security A security mechanism under development by the IETF (Internet Engineering Task Force) designed to ensure secure packet exchanges at the IP (Internet protocol) layer. IPSec is based on two levels of security: AH (authentication header), which authenticates the sender and assures the recipient that the information has not been altered during transmission, and ESP (encapsulating security protocol), which provides data encryption in addition to authentication and integrity assurance.

9. 98-367 Security Fundamentals LESSON 1.3  SSL/TLS – Secure Sockets Layer A protocol developed by Netscape Communications Corporation for ensuring security and privacy in Internet communications. SSL supports authentication of client, server, or both, as well as encryption during a communications session. While the primary purpose of SSL is to enable secure electronic financial transactions on the World Wide Web, it is designed to work with other Internet services as well. This technology, which uses public key encryption, is incorporated into the Netscape Navigator Web browser and Netscape’s commerce servers.

10. 98-367 Security Fundamentals LESSON 1.3 Additional topics to think about …  Secure communications  E-mail security  E-commerce security  Virtual private network  Browser cookies How do these topics relate to one another?