Bethesda Cybersecurity Club Lesson 3 Computing Basics
Agenda News Hands on Passwords (19 worst passwords) Computing basics 10 min – meet your teammates 5 min – News – NotPetya Virus 10 min – Nova labs experience 5 min – Review last week 10 min – PII and Internet Safety 10 min – CIA Triad 10 min - Malware 40 min – hands on stuff 20 min – review/closeout/cleanup
Passwords Any of the top 10000 passwords can be broken immediately Brute force attacks can run 4 billion calculations per second Passwords of 8 characters consisting of: Only numbers - <1 second +Lower case - <11 minutes +Upper case - <15 hours +symbols - <3 weeks Always use at least 3 of the above Always use at least 8 characters 9 characters – 5 years 10 characters – 526 years Any of the top 10000 passwords can be broken immediately 91% of people have one of the 1000 most popular passwords Almost half of all people use one of the 100 most popular Use different passwords for each site Change passwords quarterly Do not use words or userids BAD: Patriot [Instantly] GOOD: Cy63rp@tr10+ [34000 years] Keyboard patterns can be useful when physical security it high https://howsecureismypassword.net/
Computing basics BIOS – Basic Input-Output System Services Connects CPU with Operating System (OS) Allows the Operating System to connect with input, output and storage devices Manages basic system settings like date, time, power Permanent, Embedded on the motherboard Operating systems Manages hardware and software resources Graphic user interface Mac, Windows, Unix, Linux (Ubunitu, Debian, Mint, Fedora) Services Applications
Virtual machines (VM) VM Security Computer within a computer Host [OS] – OS of the physical device Guest [OS] – OS of the VM Image – another term for VM Hypervisor – software that can create VMs (VMware, KVM) Benefits – scalability, flexibility, portability, cost Disadvantages Performance depends on host machine’s resources Single point of failure VM Security Benefits VMs can isolate damage Snapshots can allow for rollbacks Concerns Hypervisors can be attacked Updates for VMs and Software on VMs Communications between VMs must be monitored like physical machines
Hands on… Create user accounts Firewall WiFi Anti virus File permissions Malware
What’s next? Homework: Lesson 4 – MS Windows and MS Developer Network (MSDN)