Please enable JavaScript.
Coggle requires JavaScript to display documents.
CHAPTER 3 SECURITY TROUBLESHOOTING AND SOLUTIONS - Coggle Diagram
CHAPTER 3 SECURITY TROUBLESHOOTING AND SOLUTIONS
3.3 PROTECTION PHYSICAL EQUIPMENT
3.3.1 Physical Computer & Network Equipment Protection Methods
Physical security is as important as data security. Network infrastructure can be protected by:
Wireless detection for unauthorized access
points.
Hardware firewalls.
Cable locks and security screws for
hardware devices.
Network management system that detects
changes in wiring and patch panels.
Secured telecommunications rooms,
equipment cabinets, and cages.
Another method of hardware security is to disable the AutoRun feature of the operating system.
On Windows Vista and Windows 7, AutoRun is not allowed to bypass AutoPlay.
on Windows XP, AutoRun bypasses
AutoPlay and might launch an application without prompting the user.
To disable AutoRun in Windows XP, follow these steps:
Step 1:
Select Start > Run
Step 2:
Type regedit and click OK.
Step 3:
Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom.
1 more item...
On Windows, AutoRun is executed first, unless it is disabled. If AutoRun is not disabled, it follows the instructions in the autorun.inf file.
Two- factor Authentication - secured using overlapping protection techniques to prevent unauthorized access to sensitive data.
An example of two-factor authentication is using a password and a smart card to protect an asset.
There are several methods of
physically protecting computer equipment:
Install physical alarms triggered by motion detection sensors.
Use security cages around equipment.
Keep telecommunication rooms locked.
Use webcams with motion-detection and
surveillance software.
Use cable locks with equipment.
For access to facilities, there are several
means of protection:
Biometric sensors that identify physical
characteristics of the user, such as fingerprints or retinas.
Sensors, such as RFID tags, to monitor
equipment.
Card keys that store user data, including level of access.
For users that need to access sensitive
network resources, a token can be used to provide two-factor authentication.
A token can be hardware type, such as a
pin card or a software type, such as a soft token program.
The token is assigned to a computer and
creates a unique code at certain times.
When users access a network resource,
they enter a PIN and a number displayed by the token.
The number displayed by the token is
created from a calculation made with its internal clock and a random number encoded on the token at the factory.
This number is authenticated against a
database that knows the token’s number and can calculate the same number.
Factors that determine the most effective
security equipment to use to secure equipment and data include:
Where the computer equipment is located
What type of user access to data is
required
How the equipment is used