CHAPTER 3
SECURITY TROUBLESHOOTING AND SOLUTIONS
Troubleshooting Process
identify the problem
establish a theory of probable causes
test the theory to determine cause
establish a plan of action to resolve the problem and implement the solution
verify full system functionality and implement preventive measures
document findings, action, and outcomes
have the customer verify the solution and system functionality
If a quick procedure does not correct the problem, research the problem further to establish the exact cause
establish a new theory of probable cause and test it if the cause has not been determined by the theories already tested
create a list of the most common causes of security problems
Open-ended questions
Closed-ended questions
Common Problems and Solutions
Data Backup in Windows
data backup
stores a copy of the information on a computer to removable backup media that can be kept in a safe place
one of the most effective ways of protecting against data loss
performed on a regular basis and included in a security plan
backup media are often reused to save on media costs
Data can be lost or damaged in circumstances such as theft, equipment failure, or a disaster
the data can be restored from the backup to functional hardware when the computer hardware fails
the current data backup is usually stored offsite to protect the backup media if anything happens to the main facility
considerations for data backups
Frequency
it is easier to make a full backup monthly or weekly, and then do frequent partial backups of any data that has changed since the last full backup
having many partial backups increases the amount of time needed to restore the data
Storage
backups should be transported to an approved offsite storage location on a daily, weekly, or monthly rotation, as required by the security policy (extra security)
Security
the password is entered before the data on the backup media can be restored
Validation
always validate backups to ensure the integrity of the data
can be done manually or scheduled to take place automatically
the appropriate user rights and permissions are required to successfully back up and restore data in Windows
All users can back up their own files and folders, and also files for which they have the Read permission
All users can restore files and folders for which they have the Write permission
Members of the Administrators, Backup Operators, and Server Operators can back up and restore all files, regardless of the assigned permissions
Types of backup
Malicious Software Protection
Programs
it can take several different programs and multiple scans to completely remove all malicious software
Run only one malware protection program at a time
Malware is malicious software that is installed on a computer without the user's permission
Signature File Updates
security software must be continually updated because new viruses are always being developed
A virus signature is a set of unique data, or bits of code, that allows the virus to be identified
Anti-virus software uses a virus signature to find a virus in a computer file system, allowing it to detect, quarantine and remove the virus
In anti-virus software, the virus signature is a definition file (DAT file)
steps to update the signature file
Physical Computer & Network Equipment Protection Methods
ways to protect network infrastructure
Secured telecommunications rooms, equipment cabinets, and cages
Cable locks and security screws for hardware devices
Wireless detection for unauthorized access points
Hardware firewalls
Network management system that detects changes in wiring and patch panels
another method
Disable the AutoRun feature of the operating system (recommended)
AutoRun automatically follows the instructions in a special file called autorun.inf when it is found on new media
On Windows, AutoRun is executed first, unless it is disabled. If it is not disabled, it follows the instructions in the autorun.inf file
On Windows Vista and Windows 7, AutoRun is not allowed to bypass AutoPlay (more secure)
On Windows XP, AutoRun bypasses AutoPlay and might launch an application without prompting the user
this is a security risk because it can automatically run a malicious program and compromise the system
steps to disable AutoRun in Windows XP
Select Start > Run
Type regedit and click OK
Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom
Double-click AutoRun. In the Value Data text box, type 0 and click OK
Close the Registry Editor
You might have to log out and then log back in for this change to take effect
Two-factor Authentication
secured using overlapping protection techniques to prevent unauthorized access to sensitive data (password and smart card)
methods of physically protecting computer equipment
Use cable locks with equipment
Keep telecommunication rooms locked
Fit equipment with security screws
Use security cages around equipment
Label and install sensors, such as Radio Frequency Identification (RFID) tags, on equipment
Install physical alarms triggered by motion-detection sensors
Use webcams with motion-detection and surveillance software
For access to facilities, several means of protection
Card keys
Biometric sensors (fingerprints / retinas)
Posted security guard
Sensors (RFID tags, to monitor equipment)
For users that need to access sensitive network resources, a token can be used to provide two-factor authentication
A token can be a hardware type (pin card) or a software type (soft token program)
Factors that determine the most effective security equipment to use to secure equipment
How the equipment is used
Where the computer equipment is located
What type of user access to data is required
Security Hardware
Service Packs & Security Patches
Regular security updates are essential to combat new viruses or worms
Patches are code updates that manufacturers provide to prevent a newly discovered virus or worm from making a successful attack
A Service Pack is a combination of patches and updates
steps to update the operating system with a service pack or security patch
Create a restore point prior to installing an update
Check for updates to ensure that you have the latest ones. Download updates using Automatic Updates or from the operating system manufacturer’s website
Install the update
Reboot the computer if necessary
Ensure that the computer is operating properly
Windows options that allow you to control when software is updated
Automatic
Downloads and installs updates automatically without user intervention
Only download updates
Downloads the updates automatically, but the user is required to install them
Notify me
Notifies the user that updates are available and gives the option to download and install
Turn off automatic updates
Prevents any checking for updates