Professional Documents
Culture Documents
ITE PC v4.0
Chapter 9
Cisco Public
Objectives
1. Explain why security is important
2. Describe security threats
3. Identify security procedures
4. Identify common preventive maintenance techniques
for security
5. Troubleshoot security
ITE PC v4.0
Chapter 9
Cisco Public
ITE PC v4.0
Chapter 9
Cisco Public
Security Threats
Types of attacks to computer security:
Physical
Theft, damage, or destruction to computer equipment.
Data
Removal, corruption, denial of access, unauthorized access, or
theft of information.
External threats
Outside users can attack in an unstructured or structured way.
ITE PC v4.0
Chapter 9
Cisco Public
Cisco Public
Web Security
Attackers may use any of these tools to install a program
on a computer.
ActiveX
Controls interactivity on web pages
Java
Allows applets to run within a browser
Example: a calculator or a counter
JavaScript
Interacts with HTML source code to allow interactive web
sites
Example: a rotating banner or a popup window
ITE PC v4.0
Chapter 9
Cisco Public
ITE PC v4.0
Chapter 9
Cisco Public
Cisco Public
Cisco Public
Social Engineering
Never give out a
password
Always ask for the ID of
the unknown person
Restrict access of
unexpected visitors
Escort all visitors
through the facility
ITE PC v4.0
Chapter 9
Cisco Public
10
TCP/IP Attacks
TCP/IP is used to control all Internet communications.
ITE PC v4.0
Chapter 9
Cisco Public
11
Cisco Public
12
ITE PC v4.0
Chapter 9
Cisco Public
13
Security Policy
Questions to answer in writing a local security policy:
ITE PC v4.0
Chapter 9
Cisco Public
14
Protecting Equipment
Since stealing the whole PC is the easiest way to steal
data, physical computer equipment must be secured.
Control access to facilities
Use cable locks
Lock telecommunication rooms
Use security screws
Use security cages around
equipment
Label and install sensors on
equipment
ITE PC v4.0
Chapter 9
Cisco Public
15
Protecting Data
Methods of securing data:
Password protection
Data encryption
Port protection
Data backups
ITE PC v4.0
Chapter 9
Cisco Public
16
ITE PC v4.0
Chapter 9
Cisco Public
17
Cisco Public
18
Launch
protection
program
Click
update
button
Run a
scan
Yes
Review
scan
report
Need to
manuall
y treat
or
delete?
Manually
treat or
delete
No
ITE PC v4.0
Chapter 9
Schedule future
automatic
updates and
scans
Cisco Public
19
Check for
updates
Install
update
Download
updates
Yes
Prompte
d to
restart?
Restart
computer
No
Test all aspects to
ensure the update has
not caused issues
ITE PC v4.0
Chapter 9
Cisco Public
20
Troubleshooting Process
Step 1 Gather data from the user
Step 2 Verify the obvious issues
Step 3 Try quick solutions first
Step 4 Gather data from the computer
Step 5 Evaluate the problem and implement the solution
ITE PC v4.0
Chapter 9
Cisco Public
21
Description of problem
Open-ended questions
What changes were made to the security settings?
Closed-ended questions
Are the protection software signature files up-to-date?
ITE PC v4.0
Chapter 9
Cisco Public
22
ITE PC v4.0
Chapter 9
Cisco Public
23
Cisco Public
24
ITE PC v4.0
Chapter 9
Cisco Public
25
ITE PC v4.0
Chapter 9
Cisco Public
26
Possible Solution
ITE PC v4.0
Chapter 9
Cisco Public
27
Summary
Following proper security procedures will protect computers
and network equipment, and the data they contain, from
physical danger such as fire and theft, as well as from
loss and damage by employees and attackers.
Security threats can come from inside or outside of an
organization.
Viruses and worms are common threats that attack data.
Develop and maintain a security plan to protect both data
and physical equipment from loss.
Keep operating systems and applications up to date and
secure with patches and service packs.
ITE PC v4.0
Chapter 9
Cisco Public
28
Q and A
ITE PC v4.0
Chapter 9
Cisco Public
29
ITE PC v4.0
Chapter 9
Cisco Public
30