Please enable JavaScript.
Coggle requires JavaScript to display documents.
CHAPTER 3 SECURITY TROUBLESHOOTING AND SOLUTIONS - Coggle Diagram
CHAPTER 3
SECURITY TROUBLESHOOTING AND SOLUTIONS
3.1.1 Troubleshooting Process
Identify the problem
Establish a theory of probable cause
Test probable cause theory to determine actual cause.
Establish an action plan and execute the plan.
Verify full system functionality.
Document the process
3.1.2 Identify Common Problem and Solutions for Security
Security problems can be attributed to
hardware, software, or connectivity issues,or
some combination of the three.
is a chart of common security
problems and solutions
3.1.3 Data Backup in Windows
stores a copy of the information on a
computer
most effective ways of
protecting against data loss.
should be performed on a regular
basis and included in a security plan.
considerations for data backups:
Frequency
Backups can take a long time.
Storage
backups should be transported to an
approved offsite storage location on a daily, weekly or monthly rotation, as required by the security policy
Security
Backups can be protected with passwords.
Validation
Always validate backups to ensure the integrity of the data.
Types of backup:
Full or Normal
Incremental
Differential
Daily
Copy
3.2 PROTECTION AGAINST MALICIOUS SOFTWARE
3.2.1 Malicious Software Protection
Programs
malicious software that is installed on a
computer without the knowledge or permission of the user
may take several different anti-malware programs and
multiple scans
Anti-malware available for Anti-virus,
anti-spyware, anti-adware, and phishing programs.
Spyware
protection
Antispyware programs scan for keyloggers
Adware
protection
look for programs that display
advertising on your computer.
Phishing
protection
block the IP addresses of known
phishing websites and warn the user about suspicious websites
3.2.2 Signature File Updates
New viruses are always being developed
security software must be continually updated.
A virus signature is a set of unique data, or bits of code,
that allow it to be identified
To update signature file
Create a Windows
Restore Point.
Open the antivirus or
antispyware program.
Select
the Update button
after updated, use it to scan the
computer.
check the report for viruses and problems
automatically
update and run on a scheduled basis
3.3 PROTECTION PHYSICAL EQUIPMENT
3.3.1 Physical Computer & Network
Equipment Protection Methods
Physical security is as important
as data security
another method is to disable the AutoRun feature of
the operating system.
AutoRun automatically follows the
instructions in a special file called
autorun.inf
Two- factor Authentication
An example of two-factor authentication is using a
password and a smart card to protect an asset.
several
means of protection
Card keys
Biometric sensors
Posted security guard
Sensors, such as RFID tags
To disable AutoRun
Select Start > Run.
Type regedit and click OK.
Navigate to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom.
Double-click AutoRun. In the Value Data text box, type 0 and
click OK
Close the Registry Editor
3.3.2 Security Hardware
Service Packs & Security Patches
Patches are code updates that manufacturers
provide to prevent a newly discovered virus or worm
A Service Pack is a combination of patches and
updates.
To update the operating system with a service pack or security patch
Create a restore point prior to installing an update
Check for updates to ensure that you have the
latest ones.
Download updates using Automatic Updates or
from the operating system manufacturer’s website.
Install the update.
Reboot the computer if necessary
Ensure that the computer is operating properly
Windows automatically downloads and
installs updates to operating systems by default
the updates might conflict
with an organization’s security policy or other settings on a computer
control windows update
Automatic
Only download updates
Notify me
Turn off automatic
updates