SECURITY BASIC & IT PROFESSIONAL Chapter 3
(Security Troubleshooting and Solutions)
Six Steps for Troubleshooting
Step 1
Identify the problem
-The first step in the troubleshooting process.
-A list of open and closed-ended questions is useful.
Step 2
Establish a theory of probable cause
-Based on the answers received, establish a theory of probable cause.
-A list of common problems can be useful.
Step 3
Test your theories to determine the cause of the problem
-Test your theories to determine the cause of the problem.
-A list of quick procedures for common problems can help.
Step 4
Establish a plan of action to resolve the problem and implement the solution.
A plan of action is needed to solve the problem and implement a permanent solution.
Step 5
Verify full functionality and, if applicable, implement preventive measures.
It is important to perform a full re-scan of the computer.
If applicable, implement preventive measures to avoid future problem recurrences, such as enabling automatic updates.
Step 6
Document your findings, actions, and outcomes.
Findings, actions, and notes should be documented.
This log can be helpful for future reference.
Security
Malware
Firewall or Proxy Settings
User Permissions
Telnet
-A program that lets you log in to a remote computer directly through the internet and work on that remote computer.
Malicious software
Malicious software, or malware, refers to any software designed to cause damage and bring harm to a single computer, server, or computer network and to gain access to sensitive information.
Spyware
Malware used to secretly gather data on an unsuspecting user. It spies on the data being sent and received, with the purpose of sending that information to a third party.
Rootkit
A program or, more often, a collection of software tools that gives a threat actor remote access to and control over a computer or other system.
Adware
Malware that forces your browser to redirect to web advertisements, which often themselves seek to download further, even more malicious software.
Ransomware
Malware that encrypts your hard drive's files and demands a payment, usually in Bitcoin, in exchange for the decryption key.
Malware removal and protection
Additional features
Ease of use
Example
Norton 360
Best malware removal and overall protection in 2021.
Bitdefender
Full anti-malware software (very fast scans).
McAfee
Excellent scanner for total malware + virus removal.
TotalAV
Fast and easy-to-use anti-malware program with good PC optimization.
Avira
Best free malware removal software (with free security protections).
Malwarebytes
Intego
Network Connection Problem
DNS (Domain Name System)
DHCP (Dynamic Host Configuration Protocol)
ICMP (Internet Control Message Protocol)
Network Connection Problems
Network Troubleshooting Tools
SIGNATURE FILE UPDATES
Signature files or definitions are an important part of how antivirus and antimalware software works.
These files contain information about different viruses and malware, which is used by the software to detect, clean, and remove detected threats.
Antivirus software performs frequent virus signature, or definition, updates. These updates are necessary for the software to detect and remove new viruses.
New viruses are being created and released almost daily, which is why antivirus software needs frequent updates.
If you haven’t updated these files, then your antivirus software isn’t nearly as effective.
For example, in Windows Defender, these files are automatically updated as part of the Windows Update process. By clicking on the Update tab, you can see the last time antivirus and antispyware definitions were downloaded by your system.
Protecting Physical Equipment
-Service packs
-Security patches
Physical protection
Physical security is as important as data security. It is important to restrict access to premises using fences, door locks, and gates.
Secured telecommunications rooms, equipment cabinets, and cages
Cable locks and security screws for hardware devices
Wireless detection for unauthorized access points
Hardware firewalls
Network management system that detects changes in wiring and patch panels
6 Physical Security Activities
(1) Don't attract unnecessary interest in your critical facilities.
(2) Maximize structural protection.
(3) Be particularly careful with non-essential materials in a secure computer room.
(4) Protect cabling, plugs, and other wires from foot traffic.
(5) Keep a record of your equipment.
(6) Limit and monitor access to equipment areas.