Please enable JavaScript.
Coggle requires JavaScript to display documents.
CHAPTER 3 PART 3 : PROTECTION PHYSICAL EQUIPMENT - Coggle Diagram
CHAPTER 3 PART 3 : PROTECTION PHYSICAL EQUIPMENT
3.3.1 Physical Computer & Network Equipment Protection Methods.
Network infrastructure can be protected by :
Wireless detection for unauthorized access points
Hardware firewalls
Cable locks & security screws for hardware devices.
Network management system that detects changes in wiring & patch panels
Secured telecommunications rooms, equipment cabinets, & cages.
Physical security important as data security.
On Windows
Vista & Windows 7, AutoRun is not a allowed to bypass AutoPlay
On Windows XP, AutoRun bypassed AutoPlay & might launch an application without prompting the user.
If AutoRun is not disabled, it follows the instructions in the autorun.int file
AutoRun is executed first, unless it is disabled.
This is a security risk because it can automatically run a malicious program and compromise the system, so it is recommended to disable AutoRun.
These are the steps to disable AutoRun in Windows XP
Step 3 : Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom.
Step 4 : Double-click AutoRun. In the Value Data text box, type 0 and click OK, as shown in Figure 1.
Step 5 : Close the Registry Editor.
Step 1 : Select Start > Run.
Step 6 : You might have to log out and then log back in for this change to take effect.
Step 2 : Type regedit and click OK.
Two-factor Authentication
For example using a password and a smart card to protect an asset.
When considering a security program, the cost of the implementation has to be balanced against the value of the data or the equipment to be protected.
Computer equipment and data can be secured using overlapping protection techniques to prevent unauthorized access to sensitive data.
There are several methods of physically protecting computer equipment :
Use security cages around equipment.
Label & install sensors, such as Radio Frequency Identification (RFID) tags, on equipment.
Fit equipment with security screws.
Install physical alarms triggered by motion-detection sensors
Keep telecommunication rooms locked.
Use webcams with motion-detection & surveillance software
Use cable locks with equipment.
For access to facilities, there are several means of protection :
Biometric sensors that identify physical characteristics of user, such as fingerprints or retinas
Posted security guard
Card keys that store user data, including level
of access
Sensors, such as RFID tags to monitor equipment
For users that need to access sensitive
network resources, a token can be used
to provide two-factor authentication.
The token is assigned to computer & creates a unique code at certain times
When users access a network resource they enter a PIN & a number displayed by the token
A token can be hardware type , such as a pin card or software type, such as a soft token program
In a busy center a server may need to be secured in a locked equipment room
Where it is necessary to use a laptop computer in a public place, a security dongle, ensures that the system locks if the user & laptop are separated
For instance, a computer in a busy place such as a library, required additional protection from theft & vandalism
3.3.2 Security Hardware
Service packs
A service pack is a combination of patches & updates
Security patches
Patches are code updates that manufacturers provide to prevent a newly discovered virus or worm from making a successful attack
These are the steps to update the operating system with a service pack or security patch
Step 3. Download updates using AutomaticUpdates or from the operating system manufacturer’s website.
Step 4. Install the update.
Step 2. Check for updates to ensure that you have the latest ones
Step 5. Reboot the computer if necessary
Step 1. Create a restore point prior to installing an update.
Step 6. Ensure that the computer is operating properly
The following Windows option allow you to control when software is updated :
Only download updates - Downloads the updates automatically, but the user is required to install them
Notify me - Notifies the user that updates are available & gives the option to download & install
Automatic - Downloads & installs updates automatically without user intervention
Turn off automatic updates - Prevents any checking for updates
