Presentation is loading. Please wait.

Presentation is loading. Please wait.

Course ILT Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human.

Published byEmmeline Amanda Chandler Modified over 8 years ago

Similar presentations

Presentation on theme: "Course ILT Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human."— Presentation transcript:

1 Course ILT Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human aspects of security

2 Course ILT Topic A Topic A: Operating system security Topic B: Security hardware Topic C: The human aspects of security

3 Course ILT User accounts Object that represents a user of the computer –Name, password, group membership User Administrator Guest

4 Course ILT Groups Management tool for applying security settings to multiple users Users Administrators Power Users

5 Course ILT Active Directory Management framework Centralized database of security data Domains Forests Organizational units

6 Course ILT Activity A-1 Securing access to the operating system

7 Course ILT File system security Logical organization scheme for files Windows supports: –File Allocation Table (FAT) –FAT32 –NTFS Only NTFS supports security

8 Course ILT NTFS advantages Larger disks Security Compression and encryption Disk quotas Recovery logging

9 Course ILT Activity A-2 Choosing the correct file system for security

10 Course ILT NTFS security Security tab in Properties dialog box Permissions are cumulative Explicit permissions override inherited permissions Permissions are inherited unless blocked Set permissions on folders and files

11 Course ILT NTFS permissions Full control Modify Read and Execute List Folder Contents Read Write Special Permissions

12 Course ILT Enabling the Security tab 1.Open Windows Explorer 2.Choose Tools, Folder Options 3.Activate the View tab 4.Clear the checkbox beside Use simple file sharing 5.Click OK

13 Course ILT Activity A-3 Configuring file access restrictions

14 Course ILT Encryption Scrambling of data Public key cryptography –Pairs of keys –Whichever encrypts, the pair decrypts Encrypting file system (EFS)

15 Course ILT Activity A-4 Encrypting files

16 Course ILT Authentication mechanisms Biometric devices Smart cards Fobs Digital certificates

17 Course ILT Authentication Identity validated Workgroup vs. domain Local computer vs. domain Network authentication

18 Course ILT Protocols Kerberos v5 –Supported by: Windows 2000, Windows XP, and Windows Server 2003 NTLM –Supported by Windows NT, Windows 9x

19 Course ILT Activity A-5 Understanding authentication technologies

20 Course ILT Security policies Password Policy Account Lockout Policy Audit Policy User Rights Assignments Security Options Encrypting File System Software Restriction Policies IP Security Policies

21 Course ILT Activity A-6 Using local security policies to set password restrictions

22 Course ILT Topic B Topic A: Operating system security Topic B: Security hardware Topic C: The human aspects of security

23 Course ILT A fingerprint scanner

24 Course ILT Activity B-1 Installing a fingerprint reader

25 Course ILT Smart card and reader

26 Course ILT Installing IdentiPHI Basic 1.Install the card reader and its drivers 2.Install the IdentiPHI Basic software 3.Configure IdentiPHI Basic to accept smart cards 4.Enroll a smart card and set a secure PIN for that card

27 Course ILT Activity B-2 Installing a card reader

28 Course ILT Activity B-3 Installing the IdentiPHI Basic software

29 Course ILT Activity B-4 Configuring IdentiPHI Basic to accept smart cards

30 Course ILT Activity B-5 Enrolling a smart card with IdentiPHI

31 Course ILT Activity B-6 Using a smart card

32 Course ILT Activity B-7 Uninstalling the smart card reader and software

33 Course ILT Fobs Keychain sized devices Creates a rolling code Might need username and password, in addition to fob number Rolling code not random

34 Course ILT Topic C Topic A: Operating system security Topic B: Security hardware Topic C: The human aspects of security

35 Course ILT Alleviate security weaknesses Restrict physical access to sensitive systems and data Create an automated backup schedule Manage data destruction Create a corporate security policy Manage social engineering attacks

36 Course ILT Physical access restrictions Lock server rooms Lock PC cases and peripherals Use cameras or motion-sensor alarms Station guards in ultra-sensitive areas

37 Course ILT Activity C-1 Implementing physical access restrictions

38 Course ILT Backup Use to create copies of your files Recover files after system failure Back up any critical data before you begin troubleshooting Windows Backup is a GUI utility –Archive selected files and folders –Restore archived files and folders –Make copy of computer’s system state –Copy your computer’s system partition, boot partition, and files needed to start up the system

39 Course ILT Backup utility in Windows XP

40 Course ILT Backup modes Wizard mode — walk you step-by-step through the process Advanced mode — provides complete control over file and folder selection

41 Course ILT Backup utility in Advanced Mode

42 Course ILT Backup types Copy Daily Differential Incremental Normal

43 Course ILT Activity C-2 Backing up files using Wizard mode

44 Course ILT Activity C-3 Restoring information from a backup

45 Course ILT Scheduling backups Daily Weekly Monthly At predefined times On predefined days continued

46 Course ILT Scheduling backups, continued

47 Course ILT Activity C-4 Scheduling a backup

48 Course ILT Data destruction and migration Destruction utilities Removable media and drives Paper records Data migration

49 Course ILT Activity C-5 Examining data destruction techniques

50 Course ILT Corporate security policies Contract between company and employees Heightens awareness Demonstrates commitment Spells out permitted and prohibited uses of company resources, plus repercussions Intrusion handling plans Regularly review and update

51 Course ILT Activity C-6 Considering corporate security policies

52 Course ILT Social engineering attacks Social engineering includes: –Tricking users into divulging sensitive information –Phishing –Dumpster diving –Shoulder surfing –Trojan horse attachments –Sneaking into secure areas through deception Training and awareness are best defenses

53 Course ILT Malicious software Virus Worm Trojan horse Spam Spyware Adware Grayware

54 Course ILT Prevention Training Corporate security policy Antivirus software

55 Course ILT Activity C-7 Managing social engineering attacks

56 Course ILT Network security Firewalls Password management Account management Incidence reporting

57 Course ILT Activity C-8 Examining network security

58 Course ILT Unit summary Configured operating system and file system security Installed a fingerprint scanner and card reader Managed the human aspects of security

Download ppt "Course ILT Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human."

Similar presentations

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 14: Windows Server 2003 Security Features.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 14: Windows Server 2003 Security Features.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
MIS 431 - Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.

MIS Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.
Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.

Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.

Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
70-270, 70-290 MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.

70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.

11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.

By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.
5.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.

Similar presentations

Ads by Google