
1 NETWORK SECURITY LAB 1170 REHAB ALFALLAJ CT1406

2 Introduction There are a number of technologies that exist for the sole purpose of ensuring that the critical characteristics of data are maintained in any of its states. These technologies can be either hardware or software. Some of these items include but are not limited to firewalls, antivirus programs, software updates, and various forms of encryption. An understanding of these technologies is essential to enable security without compromising functionality.

3 Hardening the Operating System In computing, hardening is usually the process of securing a system by reducing its surface of vulnerability. A system has a larger vulnerability surface the more functions it fulfills; in principle a single-function system is more secure than a multipurpose one. Reducing available vectors of attack typically includes the removal of unnecessary software, unnecessary usernames or logins and the disabling or removal of unnecessary services.

4 Hardening the Operating System (Cont.) Information security: Confidentiality. Integrity. Availability. This chapter examines some techniques that can assist you in maintaining the confidentiality and integrity of data on a host machine. These labs begin with operating system issues and then move to issues such as antivirus applications and firewalls. Maintaining the operating system in an up-to-date configuration is the first and most important step of maintaining a proper security posture. Once the OS is secure, the focus can shift to antivirus issues, as viruses can be direct threats to the data on a machine. After these specific threats are covered, a firewall acts as a barrier with a regulated gate to screen traffic to and from the host.

5 Hardening the Operating System (Cont.) The operating system is the software that handles input, output, display, memory management, and many other important tasks that allow the user to interact with and operate the computer system. A network operating system is an operating system that includes built-in functionality for connecting to devices and resources on a network. Most operating systems today, such as Windows, Unix, Linux, and Mac OS X, have networking built into them.

6 Hardening the Operating System (Cont.) Developers of operating systems have a huge challenge to deal with. There are many different networks with different requirements for functionality and security. Designing the operating system to work “out of the box” in a way that will be the correct balance for every type of network is impossible. End users’ desire for more features has led to default installations being more feature rich than security conscious. As a result, default installations need to be secured. The process of securing the operating system is called hardening. Hardening the operating system is intended to reduce the number of vulnerabilities and protect the computer from threats or attacks.

7 Hardening the Operating System (Cont.) While there are many different operating systems, the general steps in the hardening process are the same: 1. Install the latest service pack. 2. Apply the latest patches. 3. Disable unnecessary services.

8 Hardening the Operating System (Cont.) 4. Remove unnecessary user accounts and rename the admin/root account. 5. Ensure the use of complex passwords. 6. Restrict permissions on files and access to the registry.

9 Hardening the Operating System (Cont.) 7. Enable logging of critical events. 8. Remove unnecessary programs.

10 Cont. There are some excellent tools available to help in the hardening process. Microsoft provides snap-ins to evaluate and configure the security settings. Changing all the settings to harden a computer can be quite a task. Microsoft has a special security feature called security templates. A security template contains hundreds of possible settings that can be configured to harden a computer. The security templates can control areas such as user rights, permissions, and password policies. While the process of hardening the computer will help prevent harm to the confidentiality, integrity, and availability of the data that is stored on the computer, it will also reduce the functionality or convenience of the computer.

11 Cont. The key is to maintain an appropriate level of functionality while properly securing the system to maintain confidentiality, integrity, and availability.
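A security template is a plain-text .inf file, so the account and audit settings it carries (hardening steps 4, 5 and 7 above) can be checked against a baseline before the template is applied. The following Python example is added here and is not part of the original slides or of Microsoft's tooling; the sample template and the baseline thresholds are constructed assumptions.

```python
import configparser

# Constructed sample in the .inf layout of a Windows security template
# (values made up; real files are commonly UTF-16, so decode before parsing).
SAMPLE_TEMPLATE = """\
[Version]
signature="$CHICAGO$"
[System Access]
MinimumPasswordLength = 6
PasswordComplexity = 0
LockoutBadCount = 5
NewAdministratorName = "Administrator"
EnableGuestAccount = 0
[Event Audit]
AuditLogonEvents = 0
AuditAccountLogon = 3
"""

# Assumed baseline, not taken from the slides: (section, key, check, requirement).
BASELINE = [
    ("System Access", "MinimumPasswordLength", lambda v: int(v) >= 8, "at least 8"),
    ("System Access", "PasswordComplexity", lambda v: int(v) == 1, "1 (enabled)"),
    ("System Access", "LockoutBadCount", lambda v: 1 <= int(v) <= 10, "1 to 10"),
    ("System Access", "NewAdministratorName", lambda v: v.lower() != "administrator", "renamed"),
    ("System Access", "EnableGuestAccount", lambda v: int(v) == 0, "0 (disabled)"),
    ("Event Audit", "AuditLogonEvents", lambda v: int(v) == 3, "3 (success+failure)"),
    ("Event Audit", "AuditAccountLogon", lambda v: int(v) == 3, "3 (success+failure)"),
]

def audit_template(text):
    """Return (section, key, found, required) for every baseline check that fails."""
    cp = configparser.ConfigParser(interpolation=None, strict=False, delimiters=("=",))
    cp.optionxform = str  # keep key names in the case the template uses
    cp.read_string(text)
    findings = []
    for section, key, check, required in BASELINE:
        raw = cp.get(section, key, fallback=None)
        value = raw.strip().strip('"') if raw is not None else None
        try:
            passed = value is not None and check(value)
        except ValueError:  # non-numeric value where a number is expected
            passed = False
        if not passed:
            findings.append((section, key, value or "<not set>", required))
    return findings

if __name__ == "__main__":
    for section, key, found, required in audit_template(SAMPLE_TEMPLATE):
        print(f"[{section}] {key} = {found}  (baseline: {required})")
```

A setting that is absent from the template is reported as `<not set>` rather than passed, because an unset value leaves the machine's existing configuration in place.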

12 Lab Exercise

13 Learning Objectives from the Lab At the end of this lab, you’ll be able to: Install Windows Service Pack. List the features of Service Pack. Change the setting of the firewall and the Automatic Updates feature. Apply security templates in Windows to harden the computer.

14 Lab 7.1w: Hardening Windows XP The number of malicious attacks on computer systems continues to grow each year. One of the ways Microsoft addresses this issue is with the release of service packs. Microsoft’s Windows XP Service Pack 3, released in 2008, not only contains a collection of patches but also comes with enhanced features. It increases network protection, memory protection, e-mail security, and browsing security. The XP Service Pack 3 (SP3) update can be installed either by using the Windows Update utility or by downloading the network installation version from the Microsoft Download Center web site. One of the features in XP SP3 is the Security Center utility. The Security Center utility monitors the computer’s firewall, antivirus software, and updates. The firewall is turned on by default—this blocks unsolicited communications but may also block communications that you want access to as well.

15 The firewall has also been enhanced to provide boot-time security—the firewall starts immediately during the boot process, blocking traffic and closing the window of opportunity for a malicious attack to get in. Automatic Updates is an important feature of XP SP3. The time between software with vulnerabilities being released and attackers releasing malicious code to exploit them is growing shorter and shorter. Therefore, it is important to patch your operating system as soon as possible. Automatic Updates will set your computer to check Microsoft’s web site daily for any security updates. It will then download and install any that are available. It is important to note that this can be a double-edged sword. You may not always want to patch immediately because it is possible that the patch will fix one vulnerability yet damage another program that may be critical for business applications. Although XP SP3 does not come with antivirus software, it does monitor your antivirus program to check whether it is up to date.

16 Service Pack 3 also enhances the Internet Explorer web browser. One of the features is the addition of a pop-up blocker. Pop-ups are pages or windows that pop up either when a link is clicked or some other condition is met. Web designers can use pop-ups to enable users to view enlarged versions of photos, or to open a new window for users to fill in a form or compose an e-mail message. Unfortunately, this feature is abused by certain sites and, without a pop-up blocker, you can be inundated with a large number of undesirable windows opening up. Advertisers also use pop-ups, which can be rather annoying. You can configure the pop-up blocker to block pop-ups generally but allow them on sites that you choose. In this lab, you will install XP SP3 and look at the Security Center application.

17 Materials and Setup You will need the following: Windows XP Professional (can be replaced by Windows 7); Windows 2003 Server (can be replaced by Windows 2008 Server); BackTrack (can be replaced by Kali).

18 Lab Steps at a Glance Step 1: Log on to the Windows XP Professional, Windows 2003 Server, and BackTrack PCs. Step 2: Install Windows XP Service Pack 3. Step 3: Explore new features. Step 4: Test new features. Step 5: Configure security templates. Step 6: Log off from the Windows XP Professional, Windows 2003 Server, and BackTrack PCs.

19 Lab Steps Pages 170 – 178. On Windows 7: Patching. Set up event monitoring. Set up baselines. Monitor the current threat landscape.

20 Reference Wiley-Principles of Computer Security 2010; http://hardenwindows7forsecurity.com/Harden%20Windows%207%20Home%20Premium%2064bit%20-%20Standalone.html; http://hardenwindows7forsecurity.com/

