Chapter 10 - Security

10.0 Security

10.0.1 Introduction >10.0.1.1 Introduction

The image on this page shows a laptop with a chain wrapped around it and secured with a padlock.

10.1 Security Threats

10.1.1 Types of Security Threats >10.1.1.1 Adware, Spyware, and Phishing

The figure on this page is an interactive activity that allows the learner to match three types of security threats with their definitions.

The security threat types are:

  • Spyware
  • Phishing
  • Adware

The security threat definitions are:

  • Attacker pretends to represent a legitimate outside organisation
  • Displays unwanted advertising on your computer. Usually comes along with downloaded "free" software
  • Monitors users and reports activities back to organisation that sent it

The figure also has the following two buttons:

  • Check
  • Reset

10.1.1 Types of Security Threats >10.1.1.2 Viruses, Worms, Trojans, and Rootkits

The image on this page shows a computer monitor screen that is divided into puzzle pieces with a key inserted into the centre puzzle piece. The words Virus, Worm, and Trojan are listed to the right of the monitor superimposed over a number of lightning bolts that extend from the right edge of the image to the right edge of the monitor.

10.1.1 Types of Security Threats >10.1.1.3 Web Security

Image 1 on this page shows Windows Internet Explorer 9 browser open with the tools tab selected and Active X Filtering turned on. See page notes for full description.

Image 2 on this page shows the Pop-up Blocker Settings dialog box, which includes the following options. See page notes for full description:

  • Address of website to allow
  • Allowed sites
  • Play a sound when pop up is blocked
  • Show notification bar when a pop up is blocked
  • Blocking level

Image 3 on this page shows Windows Internet Explorer 9 browser open with the tools tab selected and Smart Screen Filter turned on. See page notes for full description.

10.1.1 Types of Security Threats >10.1.1.4 InPrivate Browsing

The image on this page shows Windows Internet Explorer 9 browser open with the tools tab selected and InPrivate Browsing turned on. See page notes for full description.

10.1.1 Types of Security Threats >10.1.1.5 Spam

The image on this page shows a mailbox overflowing with mail.

10.1.1 Types of Security Threats >10.1.1.6 TCP/IP Attacks

Figure 1 on this page is an animation that demonstrates a DoS attack. The animation shows the following devices connected to the Internet:

  • A user sitting at a computer
  • 2 other computers
  • A DoS Attacker
  • WWW.XXYZCORP.COM Web Server

The DoS Attacker has a callout saying, "I'll send so many pings that the server can't respond to anyone else.". The DoS Attacker sends continuous pings to the web server. The web server then has a callout saying, "Help, I can't accomplish any work!". See page notes for full description.

Figure 2 on this page is an animation that demonstrates a Distributed DoS attack. The animation shows the following devices connected to the Internet:

  • 2 users sitting at 2 computers
  • 2 other computers
  • A DoS Attacker
  • WWW.XXYZCORP.COM Web Server

The DoS Attacker has a callout saying, "I have infected computers across the Internet with the DDoS code. I will activate them all now.". The two users' computers have callouts saying, "DoS code activated.". The two users' computers send continuous traffic to the web server. The web server then has a callout saying, "I am overloaded with too much traffic.". See page notes for full description.

Figure 3 on this page demonstrates a SYN Flood attack. An attacker sends multiple SYN requests to a web server. The web server sends SYN ACKs and waits to complete the three way handshake but receives no replies. A valid user sends a SYN request to a web server but the web server is unavailable.

Figure 4 on this page demonstrates a Man-in-the-Middle attack. The figure shows the following network:

  • Victim laptop connected to Switch S1
  • Switch S1 connected to Router R1
  • Router R1 connected to Router R2
  • Router R2 connected to the Internet
  • Attacker's laptop connected to the Internet
  • Web Server connected to attacker's laptop

The Man-in-the-Middle attack process is as follows:

  1. When the victim requests a webpage, the request is directed to the attacker's computer.
  2. The attacker's computer receives the request and retrieves the real page from the legitimate website.
  3. The attacker can alter the legitimate webpage and apply transformations to the data.
  4. The attacker forwards the requested page to the victim.

10.1.1 Types of Security Threats >10.1.1.7 Worksheet - Security Attacks

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.1.2 Access to Data and Equipment >10.1.2.1 Social Engineering

The figure on this page shows a social engineer at a computer with a callout saying, "Hi. This is Amy from the help desk. We need to upgrade the software on our computer after work hours. What is your user ID and password? You can change the password tomorrow when you log in.". An employee of XYZ Corporation at a computer has a callout saying, "Ok, my user ID and password are...".

10.1.2 Access to Data and Equipment >10.1.2.2 Data Wiping, Hard Drive Destruction, and Recycling

Image 1 on this page shows a degaussing wand being applied to the exposed platters of a 3.5 inch internal hard disk. See page notes for full description.

Image 2 on this page shows a drill being applied to the exposed platters of a 3.5 inch internal hard disk. See page notes for full description.

10.2 Security Procedures

10.2.1 Security Policies >10.2.1.1 What is a Security Policy

The image on this page shows a company's security policy handbook with the following Emergency Checklist Table of Contents example:

  • Data Loss
    • Due to equipment theft
    • Due to wiretapping
    • Due to internal personnel
    • Due to external personnel
    • Due to temporary personnel or contacts or vendors
  • Power related emergencies
    • Building or floor power outages
    • Local power outages
    • Large or regional power outage
  • Terrorist Attacks
    • Terrorist attack leads to evacuation
    • Terrorist attack leads to lockdown
  • Theft
    • Physical theft of network device
    • Physical theft of desktop computer
    • Physical theft of laptop

10.2.1 Security Policies >10.2.1.2: Worksheet - Answer Security Policy Questions

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.2.1 Security Policies >10.2.1.3 Security Policy Requirements

The image on this page shows a company's security policy handbook.

10.2.1 Security Policies >10.2.1.4 Usernames and Passwords

Image 1 on this page shows the Windows BIOS password login screen.

Image 2 on this page shows the Windows 7 login screen.

Image 3 on this page shows the network login dialog box.

10.2.1 Security Policies >10.2.1.5 Password Requirements

Image 1 on this page shows the Windows 7 Change an Account window displaying the following options:

  • Change the account name
  • Change the password
  • Remove the password
  • Change the picture
  • Set up parental controls
  • Change the account type
  • Delete the account
  • Manage another account

Image 2 on this page shows the Windows 7 Screen Saver dialog box displaying the following options:

  • Screen saver
  • Settings
  • Preview
  • Wait
  • Change power settings

10.2.1 Security Policies >10.2.1.6 File and Folder Permissions

Figure 1 on this page shows a table listing the following Folder Permissions and available control levels:

  • Traverse Folder: Full Control, Modify, Read and Execute, List Folder Contents
  • List Folder: Full Control, Modify, Read and Execute, List Folder Contents, Read
  • View Folder Attributes: Full Control, Modify, Read and Execute, List Folder Contents, Read
  • View Extended Folder Attributes: Full Control, Modify, Read and Execute, List Folder Contents
  • Create Files within the Folder: Full Control, Modify, Write
  • Create Folders: Full Control, Modify, Write
  • Write Folder Attributes: Full Control, Modify, Write
  • Write Extended Folder attributes: Full Control, Write
  • Delete Subfolders and Files: Full Control
  • Delete Folder: Full Control
  • View Folder Permissions: Full Control, Modify, Read and Execute, List Folder Contents, Read, Write
  • Change Folder Permissions: Full Control
  • Take Ownership: Full Control
  • Synchronize: Full Control, Modify, Read and Execute, List Folder Contents, Read, Write

Figure 2 on this page shows a table listing the following File Level Permissions and available control levels available with NTFS:

  • Execute Data: Full Control, Modify, Read and Execute
  • View Data: Full Control, Modify, Read and Execute, Read
  • View File Attributes: Full Control, Modify, Read and Execute, Read
  • View Extended Attributes: Full Control, Modify, Read and Execute, Read
  • Write Data: Full Control, Modify, Write
  • Append Data: Full Control, Modify, Write
  • Write File Attributes: Full Control, Modify, Write
  • Write Extended File attributes: Full Control, Write
  • Delete Files: Full Control
  • View File Permissions: Full Control, Modify, Read and Execute, Read, Write
  • Change File permissions: Full Control
  • Take Ownership: Full Control
  • Synchronize: Full Control, Modify, Read and Execute, Read, Write

Figure 3 on this page shows the following table comparing FAT32 with NTFS:

Feature | FAT32 | NTFS
Security | Low Security | File and Folder Level permission, encryption
Compatibility | Compatible with all versions of windows | Compatible with all versions of windows
File Size | Limit of 4 GB files / 32 GB volumes | Limit of 16 Terabyte files / 256 Terabyte volumes
Files Per Volume | 4.17 million | 4.29 Billion
File Size Efficiency | Large Clusters waste some space | Small clusters use more of the available space; built in compression maximises space
Reliability | Does not track changes made to the file system | Includes journaling which helps to rebuild the file system after a crash or power failure

10.2.1 Security Policies >10.2.1.7: Lab - Securing Accounts, Data, and the Computer in Windows 7

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.2.1 Security Policies >10.2.1.8: Lab - Securing Accounts, Data, and the Computer in Windows Vista

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.2.1 Security Policies >10.2.1.9: Lab - Securing Accounts, Data, and the Computer in Windows XP

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.2.2 Protecting Data >10.2.2.1 Software Firewalls

Image 1 on this page shows the Windows 7 Firewall settings window which shows that the firewall is active for home or work (private) networks and also active for public networks.

Image 2 on this page shows a picture of the New Inbound Rule Wizard window open with the Port rule selected, which controls connections for a TCP or UDP port. See page notes for full description.

10.2.2 Protecting Data >10.2.2.2 Biometrics and Smart Cards

Image 1 on this page shows a fingerprint scanner on a door lock with an LCD screen and finger print reader.

Image 2 on this page shows a retina scanner with an eye scan in progress.

Image 3 on this page shows a smart card which looks like a credit card with a chip on the left side and your photo on the right side. See page notes for full description.

Image 4 on this page shows two different Key Fob security devices. One looks like a small usb stick and the other looks like a small circular token. See page notes for full description.

10.2.2 Protecting Data >10.2.2.3 Data Backups

The image on this page shows the Windows 7 Backup and Restore window listing the following options:

  • Create a system image
  • Create a system repair disc
  • Set up backup
  • Select another backup to restore files from
  • Recover system settings or your computer

10.2.2 Protecting Data >10.2.2.4 Data Encryption

The image on this page shows the following example of Encrypting File System with the encrypted folders and files coloured green:

Name | Date modified | Type
Encrypted folder | 3/12/2010 10:35 AM | File folder
New folder | 3/12/2010 10:35 AM | File folder
Encrypted File.txt | 3/12/2010 10:35 AM | TXT File
New Text Document.txt | 3/12/2010 10:35 AM | TXT File

10.2.3 Protection Against Malicious Software >10.2.3.1 Malicious Software Protection Programs

Image 1 on this page shows the Microsoft Security Essential utility with an alert window displaying a potential threat.

Image 2 on this page shows the Windows Defender antispyware utility.

Image 3 on this page shows a rogue antivirus advertisement that looks like the Windows Security Alert window.

10.2.3 Protection Against Malicious Software >10.2.3.2 Worksheet - Third-Party Antivirus Software

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.2.3 Protection Against Malicious Software >10.2.3.3 Signature File Updates

The image on this page shows the Update tab of the Microsoft Security Essential utility stating that the virus and spyware definitions are up to date.

10.2.4 Security Techniques >10.2.4.1 Common Communication Encryption Types

Figure 1 on this page shows the following example of Hash Encoding:

  1. Sender enters message to be hash encoded; "Here is the quote you requested..."
  2. Hash algorithm SHA or MD5 produces a message digest; "A7DE89DCA00ACB..."
  3. Message transmitted over network (secure or unsecure)
  4. Sender sends message digest along with message
  5. Hash algorithm produces message digest; "A7DE89DCA00ACB..."
  6. If message digest is not identical, message has been changed or tampered with.
  7. Receiver recovers sent message; "Here is the quote you requested..."
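The digest check in Figure 1, written out for both sides. This is an added example, not part of the course material; the function names, the sample message and the shared key are constructed. It goes one step beyond the figure: a bare digest catches a message that changed in transit, but not a message and digest that were both replaced, which is what a keyed digest (HMAC) detects.

```python
import hashlib
import hmac

MESSAGE = b"Here is the quote you requested..."  # constructed sample message
SHARED_KEY = b"constructed-shared-secret"         # constructed, for the keyed variant


def message_digest(message: bytes, algorithm: str = "sha256") -> str:
    """Steps 2 and 5: run the hash algorithm over the message."""
    return hashlib.new(algorithm, message).hexdigest().upper()


def sender_package(message: bytes) -> tuple[bytes, str]:
    """Steps 1-4: the sender transmits the message together with its digest."""
    return message, message_digest(message)


def receiver_accepts(message: bytes, received_digest: str) -> bool:
    """Steps 5-7: recompute the digest and compare it with the one received."""
    return hmac.compare_digest(message_digest(message), received_digest.upper())


def keyed_tag(key: bytes, message: bytes) -> str:
    """Keyed digest: only a holder of the key can produce a matching value."""
    return hmac.new(key, message, hashlib.sha256).hexdigest().upper()


def receiver_accepts_keyed(key: bytes, message: bytes, received_tag: str) -> bool:
    return hmac.compare_digest(keyed_tag(key, message), received_tag.upper())


def demo() -> dict:
    message, digest = sender_package(MESSAGE)
    altered = message.replace(b"quote", b"QUOTE")  # constructed modification
    tag = keyed_tag(SHARED_KEY, message)
    return {
        # Message arrives untouched: digests are identical.
        "unchanged": receiver_accepts(message, digest),
        # Message changed, original digest kept: step 6 flags it.
        "message_changed": receiver_accepts(altered, digest),
        # Message and digest both replaced: a bare digest cannot tell.
        "message_and_digest_replaced": receiver_accepts(
            altered, message_digest(altered)
        ),
        # Keyed digest: untouched message still verifies.
        "keyed_unchanged": receiver_accepts_keyed(SHARED_KEY, message, tag),
        # Keyed digest: a replacement computed without the key is rejected.
        "keyed_replaced_without_key": receiver_accepts_keyed(
            SHARED_KEY, altered, message_digest(altered)
        ),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```
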

Figure 2 on this page shows the following example of Symmetric Encryption:

  1. Sender enters message to be encrypted; "Here is the quote you requested..."
  2. Sender enters secret encryption key to encode message; "A7DE89DCA00ACB..."
  3. Message transmitted over unsecure network
  4. Receiver enters identical secret key to decode encrypted message; "A7DE89DCA00ACB..."
  5. Receiver recovers decrypted message; "Here is the quote you requested..."

Figure 3 on this page shows the following example of Asymmetric Encryption:

  1. Sender enters message to be encrypted; "Here is the quote you requested..."
  2. Sender enters receiver’s public key to encode message; "A7DE89DCA00ACB..."
  3. Message transmitted over unsecure network
  4. Receiver enters security private key to decode message; "A7DE89DCA00ACB..."
  5. Receiver recovers message; "Here is the quote you requested..."

10.2.4 Security Techniques >10.2.4.2 Service Set Identifiers

The image on this page shows the Basic Wireless settings for the Cisco Linksys E2500 router listing the following options:

5 GHz Wireless Settings:

  • Network Mode: Disabled
  • Network Name SSID: Cisco55842
  • Channel Width: 20 MHz Only
  • Channel: Auto (DFS)
  • SSID Broadcast: Enabled

2.4 GHz Wireless Settings:

  • Network Mode: Disabled
  • Network Name SSID: Cisco2
  • Channel Width: 20 MHz Only
  • Channel: Auto
  • SSID Broadcast: Disabled

10.2.4 Security Techniques >10.2.4.3 MAC Address Filtering

The image on this page shows the Wireless MAC Filter settings for the Cisco Linksys E2500 router listing the following options. See page notes for full description:

  • Enabled/Disabled
  • Prevent PCs listed below from accessing the wireless network
  • Permit PCs listed below to access the wireless network
  • Wireless Client List listing 2 columns of MAC addresses from MAC 01 to MAC 32

10.2.4 Security Techniques >10.2.4.4 Wireless Security Modes

The image on this page shows the Wireless Security settings for the Cisco Linksys E2500 router listing the following options. See page notes for full description:

  • 5GHz Wireless Security Mode: Disabled
  • 2.4GHz Wireless Security Mode: Disabled

10.2.4 Security Techniques >10.2.4.5: Packet Tracer - Wireless Security Techniques

This task cannot be completed as it requires Packet Tracer, which is inaccessible.

10.2.4 Security Techniques >10.2.4.6 Wireless Access

The image on this page shows the Management settings for the Cisco Linksys E2500 router listing the following options:

Router Access:

  • Router Password
  • Re-Enter to Confirm

Local Management Access:

  • Access via: HTTP/HTTPS
  • Access via Wireless: Enabled/Disabled

Remote Management Access:

  • Remote Management: Enabled/Disabled
  • Access via: HTTP/HTTPS
  • Remote Upgrade: Enabled/Disabled
  • Allow Remote IP Address: Any IP address/Enter IP address
  • Remote Management Port

Advanced features:

  • SIP ALG: Enabled/Disabled

UPnP:

  • UPnP: Enabled/Disabled
  • Allow Users to Configure: Enabled/Disabled
  • Allow Users to Disable Internet Access: Enable/Disable

Backup and Restore:

  • Back Up Configuration
  • Restore Configuration

10.2.4 Security Techniques >10.2.4.7 Firewalls

Figure 1 on this page shows the following table comparing hardware and software firewalls:

Hardware Firewalls | Software Firewalls
Dedicated hardware component | Available as third party software, cost varies
Initial cost for hardware and software updates can be expensive | Free version included with windows operating system
Multiple computers can be protected | Typically protects only the computer on which it is installed
No impact on computer performance | Uses the CPU, potential impact on computer performance

Figure 2 on this page is an image showing the Security settings for the Cisco Linksys E2500 router listing the following options:

Firewall:

  • IPv6 SPI Firewall Protection: Enabled/Disabled
  • IPv4 SPI Firewall Protection: Enabled/Disabled

Internet Filter:

  • Filter Anonymous Internet Requests
  • Filter Multicast
  • Filter Internet NAT Redirection for IPv4 Internet Only
  • Filter IDENT (Port 113)

Web Filter:

  • Proxy
  • Java
  • ActiveX
  • Cookies

10.2.4 Security Techniques >10.2.4.8: Worksheet - Research Firewalls

10.2.4 Security Techniques >10.2.4.9 Port Forwarding and Port Triggering

The image on this page shows the Single Port Forwarding settings on the Applications and Gaming Tab of the Cisco Linksys E2500 router. See page notes for full description.

10.2.4 Security Techniques >10.2.4.10: Lab - Configure Wireless Security

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.2.5 Protecting Physical Equipment >10.2.5.1 Physical Equipment Protection Methods

Image 1 on this page shows the Windows XP Registry Editor with the Edit DWORD Value dialog box open. The value being edited is AutoRun. See page notes for full description.

Image 2 on this page shows the following:

  • A fingerprint on a person's finger and an eye
  • A person with a finger on a fingerprint scanner and a Smart Card in the other hand
  • A Smart Card being inserted into a Smart Card reader

The text on the image states that, "Password (good protection) + BioMetrics or Smart Card (good protection) = Two-Factor Security (much better protection).".

10.2.5 Protecting Physical Equipment >10.2.5.2 Security Hardware

Image 1 on this page shows a laptop secured to a desk with a keyed laptop cable lock. In the bottom right corner of the image is a close-up of the mechanism for a combination laptop cable lock. Superimposed over the image is a coiled keyed laptop cable lock with the lock mechanism at one end and the loop on the other end enlarged.

Image 2 on this page shows security screws and locks on a server rack access door. Security screws require specialised tools to remove them.

Image 3 on this page shows a pin card which looks like a flat calculator the size of a credit card with an LED display, buttons for the numbers 0 to 9, a menu button, and an ok button.

Image 4 on this page shows the dialog box for a software program called Soft Token 2 that is used to generate a single-use login PIN.

Image 5 on this page shows a USB security dongle and a security token.

10.2.5 Protecting Physical Equipment >10.2.5.3 Physical Security Activity

The figure on this page is an interactive activity that allows the learner to match different types of physical security activities with their relevant descriptions.

The physical security activities are:

  • Smart card
  • Key fob
  • Biometric devices

The descriptions are:

  • Uses physical characteristics of the user as an aid to positive identification.
  • Uses a small radio system to communicate with the computer.
  • Uses an embedded integrated circuit chip to store data safely

The figure also has the following two buttons:

  • Check
  • Reset

10.3 Common Preventive Maintenance Techniques for Security

10.3.1 Security Maintenance >10.3.1.1 Security Maintenance

The image on this page shows the Windows 7 Update Window displaying a notification telling the user to restart the computer to install important updates.

10.3.1 Security Maintenance >10.3.1.2: Worksheet - Operating System Updates in Windows

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.3.1 Security Maintenance >10.3.1.3 Data Backups

The figure on this page shows the following table listing different types of backup and their descriptions:

Type of Backup | Description
Full or Normal | This backup type copies all selected files and marks each file as having been backed up.
Incremental | This backup type backs up only files that have been created or changed since the last full or incremental backup. Restoring files requires that you have the last full backup set and all incremental backup sets.
Differential | This backup type copies only files that have been created or changed since the last full backup. Restoring files requires that you have the last full and one differential backup.
Daily | This backup type copies all selected files that have been modified the day that the daily backup has been performed.
Copy | This backup type copies all selected files but does not mark them as having been backed up.
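The restore requirements in the table can be checked by replaying a backup schedule. The following is an added example, not part of the course material: the event format, file names and function names are constructed, and the Daily type is left out. It models what each backup type copies and which sets a restore needs.

```python
from dataclasses import dataclass


@dataclass
class BackupSet:
    label: str
    kind: str    # "full", "copy", "incremental" or "differential"
    files: dict  # file name -> version captured in this set


def run_schedule(events):
    """Replay constructed events; return (backup sets, live file versions).

    ("change", name) edits a file; ("backup", label, kind) runs a backup.
    """
    live = {}             # current version of every selected file
    since_full = set()    # changed since the last full backup
    since_marked = set()  # changed since the last full or incremental backup
    sets = []
    for event in events:
        if event[0] == "change":
            name = event[1]
            live[name] = live.get(name, 0) + 1
            since_full.add(name)
            since_marked.add(name)
            continue
        _, label, kind = event
        if kind in ("full", "copy"):
            chosen = set(live)            # all selected files
        elif kind == "incremental":
            chosen = set(since_marked)
        elif kind == "differential":
            chosen = set(since_full)
        else:
            raise ValueError(f"unknown backup type: {kind}")
        sets.append(BackupSet(label, kind, {n: live[n] for n in chosen}))
        if kind == "full":                # full marks files as backed up
            since_full.clear()
            since_marked.clear()
        elif kind == "incremental":
            since_marked.clear()
        # "copy" and "differential" leave the markers untouched
    return sets, live


def restore_plan(sets):
    """Backup sets needed, in order, to restore the newest backed-up state."""
    fulls = [i for i, s in enumerate(sets) if s.kind == "full"]
    if not fulls:
        raise ValueError("no full backup to restore from")
    plan = [sets[fulls[-1]]]
    later = sets[fulls[-1] + 1:]
    diffs = [i for i, s in enumerate(later) if s.kind == "differential"]
    if diffs:                             # one differential is enough
        plan.append(later[diffs[-1]])
        later = later[diffs[-1] + 1:]
    plan.extend(s for s in later if s.kind == "incremental")  # all of them
    return plan


def restore(plan):
    """Apply the sets in order; later sets overwrite earlier versions."""
    restored = {}
    for backup_set in plan:
        restored.update(backup_set.files)
    return restored


def week(kind):
    """Constructed schedule: Sunday full backup, then three nightly backups."""
    return [
        ("change", "a.doc"), ("change", "b.xls"), ("backup", "Sun", "full"),
        ("change", "a.doc"), ("backup", "Mon", kind),
        ("change", "c.txt"), ("backup", "Tue", kind),
        ("change", "a.doc"), ("backup", "Wed", kind),
    ]


if __name__ == "__main__":
    for kind in ("incremental", "differential"):
        sets, live = run_schedule(week(kind))
        plan = restore_plan(sets)
        print(kind, [s.label for s in plan], restore(plan) == live)
```
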

10.3.1 Security Maintenance >10.3.1.4: Lab - Data Backup and Recovery in Windows 7

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.3.1 Security Maintenance >10.3.1.5: Lab - Data Backup and Recovery in Windows Vista

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.3.1 Security Maintenance >10.3.1.6: Lab - Data Backup and Recovery in Windows XP

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.3.1 Security Maintenance >10.3.1.7 Configuring Firewall Types

The image on this page shows the Customize Settings window of Windows 7 Firewall. The available options are:

Home or work (private) network location settings:

  • Turn on windows firewall
    • Block all incoming connections, including those in the list of allowed programs
    • Notify me when Windows firewall blocks a new program
  • Turn off windows firewall (not recommended)

Public network location settings:

  • Block all incoming connections, including those in the list of allowed programs
  • Notify me when Windows firewall blocks a new program
  • Turn off Windows Firewall (not recommended)

10.3.1 Security Maintenance >10.3.1.8: Lab - Configure a Windows 7 Firewall

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.3.1 Security Maintenance >10.3.1.9: Lab - Configure a Windows Vista Firewall

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.3.1 Security Maintenance >10.3.1.10: Lab - Configure a Windows XP Firewall

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.3.1 Security Maintenance >10.3.1.11 Maintaining Accounts

The image on this page shows the lusrmgr.msc window which lists all of the local users and groups.

10.4 Basic Troubleshooting Process for Security

10.4.1 Applying the Troubleshooting Process to Printers >10.4.1.1 Identify the Problem

The figure on this page shows the following table listing the first step in troubleshooting security problems:

Step 1: Identify the Problem
Open-Ended Questions.
  • When did the problem start?
  • What problems are you experiencing?
  • What were you doing when the problem was identified?
  • What websites have you visited recently?
  • What security software is installed on your computer?
  • Who else has used your computer recently?
Close-ended Questions
  • Is your security software up to date?
  • Have you scanned your computer recently for viruses?
  • Did you open any attachments from a suspicious email?
  • Have you changed your password recently?
  • Have you shared your password?

10.4.1 Applying the Troubleshooting Process to Printers >10.4.1.2 Establish a Theory of Probable Cause

The figure on this page shows the following table listing the second step in troubleshooting security problems:

Step 2: Establish a Theory of Probable Cause
Common causes of security problems.
  • Virus
  • Trojan Horse
  • Worm
  • Spyware
  • Adware
  • Grayware or malware
  • Phishing scheme
  • Password compromised
  • Unprotected equipment rooms
  • Unsecured work environment

10.4.1 Applying the Troubleshooting Process to Printers >10.4.1.3 Test the Theory to Determine Cause

The figure on this page shows the following table listing the third step in troubleshooting security problems:

Step 3: Test the Theory to Determine Cause
Common steps to determine cause.
  • Disconnect from the network
  • Update antivirus and spyware signatures
  • Scan computer with protection software
  • Check computer for the latest OS patches and updates
  • Reboot the computer or network device
  • Login as a different user to change your password
  • Secure equipment rooms
  • Secure work environment
  • Enforce security policy

10.4.1 Applying the Troubleshooting Process to Printers >10.4.1.4 Establish a Plan of Action to Resolve the Problem and Implement the Solution

The figure on this page shows the following table listing the fourth step in troubleshooting security problems:

Step 4: Establish a Plan of Action to Resolve the Problem and Implement the Solution
If no solution is achieved in the previous step, further research is needed to implement the solution.
  • Helpdesk Repair Logs
  • Other Technicians
  • Manufacturer FAQs
  • Technical Websites
  • Newsgroups
  • Computer Manuals
  • Device Manuals
  • Online Forums
  • Internet Search

10.4.1 Applying the Troubleshooting Process to Printers >10.4.1.5 Verify Full System Functionality and Implement Preventive Measures

The figure on this page shows the following table listing the fifth step in troubleshooting security problems:

Step 5: Verify Full System Functionality and if Applicable Implement Preventative Measures
Verify full functionality
  • Re-Scan computer to ensure no viruses remain
  • Re-Scan computer to ensure no spyware remains
  • Check the security software logs to ensure no problems remain
  • Check computer for the latest OS patches and updates
  • Test network and internet connectivity
  • Ensure all applications are working
  • Verify access to authorized resources such as shared printers and databases
  • Make sure entities are secured
  • Ensure security policy is enforced

10.4.1 Applying the Troubleshooting Process to Printers >10.4.1.6 Document Findings, Actions, and Outcomes

The figure on this page shows the following table listing the sixth step in troubleshooting security problems:

Step 6: Document Findings, Actions, and Outcomes
Document your findings, actions, and outcomes.
  • Discuss the solution implemented with the customer
  • Have the customer verify the problem has been solved
  • Provide the customer with all paperwork
  • Document the steps taken to solve the problem in the work order and the technician’s journal
  • Document any components used in the repair
  • Document the time spent to resolve the problem

10.4.2 Common Problems and Solutions for Printers >10.4.2.1 Identify Common Problems and Solutions

The figure on this page shows the following table listing common security problems and solutions:

Problem Symptom | Probable Causes | Possible Solutions
A wireless network is compromised even though 128-bit WEP encryption is in use. | A hacker is using commonly available wireless hacking tools to crack the encryption. | Upgrade to WPA2 Encryption. Add MAC address filtering for old clients that do not support WPA2.
A user is receiving hundreds or thousands of junk emails each day. | The network is not providing detection or protection for the email server from spammers. | Install antivirus or an email software program that removes spam from an email inbox.
An unknown printer repair person is observed looking under keyboards and on desktops. | Visitors are not being monitored properly or user credentials have been stolen to enter the building. | Contact security or police. Advise users never to hide passwords near their work area.
An unauthorized wireless access point is discovered on the network. | A user has added a wireless access point to increase the wireless range of the company network. | Disconnect and confiscate the unauthorized device. Enforce security policy by taking action against the person responsible for the security breach.
Users with flash drives are infecting computers on the network with viruses. | The flash drive is infected with a virus and is not scanned by virus protection software when a network computer accesses it. | Set virus protection software to scan removable media when data is accessed.
A security alert is displayed. | Windows firewall is turned off. Virus definitions are out of date. Malware has been detected. | Turn on Windows Firewall. Update virus definitions. Scan the computer to remove any malware.
Windows update fails. | The downloaded update is corrupted. The update requires a previous update that is not installed. | Download the update manually and install. Use system restore to restore the computer to a time before the attempted update. Restore the computer from a backup.
System files have been renamed. | The computer has a virus. | Remove the virus using antivirus software. Restore the computer from a backup.
Your email contacts report spam coming from your address. | Your email has been hijacked. | Change your email password. Contact the email service support to reset the account.

10.4.2 Common Problems and Solutions for Printers >10.4.2.2: Worksheet - Gather Information from the Customer

See IT Essentials 5.0 Labs and Worksheets Accessible Files

10.5 Security

10.5.1 Summary >10.5.1.1 Summary

The image on this page shows a laptop with a chain wrapped around it and secured with a padlock.

End of Chapter 10: Security.

Next - Chapter 11: The IT Professional.

Page last modified on March 26, 2015, at 01:58 AM