SlideShare a Scribd company logo

23 computer security

Download as PPT, PDF
H
hafizhanif86

This document discusses various threats to computer security and methods for protecting computers and networks. It covers how malicious individuals can steal information or use systems to send spam. It then analyzes security threats from mistakes and malicious actors. It provides recommendations for establishing local control through access policies, backups, and tracking usage. Additional topics covered include social engineering, infiltration, authentication, encryption, firewalls, viruses, spam, wireless security, and incident reporting.

Education
1 of 28
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Computer Security
Computer Security  Through your PC, a malicious person can gain valuable information – About you and your habits – Can steal your files – Run programs that log your keystrokes and thus gain account names and passwords, credit card information – Run software that takes over much of your computer processing time and use it to send spam or steal from others
Analyzing the Threat  Threats to your data and PC come from two directions: – Mistakes – Malicious people  Issues: – Unauthorized access – Data destruction, accidental or deliberate – Administrative access – Catastrophic hardware failures – Viruses/spyware
Local Control  Need to establish control over local resources – Back up data and make sure that retired hard drives and optical discs have no sensitive data on them – You should recognize security issues and be able to respond properly – You need to implement good access control policies, such as having  All computers in your care locked down with proper passwords or other devices that recognize who should have access  Implement methods for tracking computer usage. – If someone is doing something wrong, you and the network or computer administrator should be able to catch him or her!  Backup Essential Data
Social Engineering  The process of using or manipulating people inside the networking environment to gain access to that network from the outside  The term “social engineering” covers the many ways humans can use other humans to gain unauthorized information
Infiltration  Hackers can physically enter your building under the guise of someone who might have a legitimate reason for being there, – Cleaning personnel, repair technicians, or messengers
Telephone Scams  Telephone scams are probably the most common social engineering attack  The attacker makes a phone call to someone in the organization to gain information
Dumpster Diving  Generic term for anytime a hacker goes through your refuse (rubbish), looking for information
Physical Theft  Someone physically steal the server
Access Control  Control access to the data, programs, and other computing resources
Secure Physical Area and Lock Down Your System  Block access to the physical hardware from people who shouldn’t have access
Authentication  Means How the computer determines – Who can or should access it – Once accessed, what that user can do  A computer can authenticate users through – Software or hardware – Combination of both
NTFS, Not FAT32  Must use NTFS or you have no security at all  Use the CONVERT command-line utility to go from FAT to NTFS – CONVERT D: /FS:NTFS
Network Security  User Account Control Through Groups  Security Policies Commonly used: – Prevent Registry Edits  If you try to edit the Registry, you get a failure message – Prevent Access to the Command Prompt  This policy keeps users from getting to the command prompt by turning off the Run command and the MS-DOS Prompt shortcut – Log on Locally  This policy defines who may log on to the system locally – Shut Down System  This policy defines who may shut down the system – Minimum Password Length  This policy forces a minimum password length – Account Lockout Threshold  This policy sets the maximum number of logon attempts a person can make before they are locked out of the account – Disable Windows Installer  This policy prevents users from installing software – Printer Browsing  This policy enables users to browse for printers on the network, as opposed to using only assigned printers
Viruses  A computer virus is a piece of malicious software that gets passed from computer to computer  A computer virus is designed to attach itself to a program on your computer – It could be your e-mail program, your word processor, or even a game – Whenever you use the infected program, the virus goes into action and does whatever it was designed to do – It can wipe out your e-mail or even erase your entire hard drive! Viruses are also sometimes used to steal information or send spam e-mails to everyone in your address book
Virus  Trojans  Worms  Polymorphics/Polymorphs  Stealth
Antivirus Programs  Protects your PC in two (2) ways  It can be both sword and shield – Working in an active seek-and-destroy mode – A passive sentry mode
Spam  E-mail that comes into your Inbox from a source that’s not a friend, family member, or colleague, and that you didn’t ask for  Pop-ups  Spyware  Adware
Firewalls  Devices or software that protect an internal network from unauthorized access to and from the Internet at large  Hardware firewalls protect networks using a number of methods, such as hiding IP addresses and blocking TCP/IP ports  Windows XP comes with an excellent software firewall – Windows Firewall
Encryption  Stop someone to intercept and inspect the packet  Inspected packets are a cornucopia of – Passwords – Account names – Other tidbits that hackers can use to intrude into your network
Network Authentication  PAP Password Authentication Protocol (PAP) – Is the oldest and most basic form of authentication – It’s also the least safe, because it sends all passwords in clear text – No NOS uses PAP for a client system’s login, but almost all network operating systems that provide remote access service will support PAP for backward compatibility with a host of older programs (like Telnet) that only use PAP
Network Authentication  CHAP Challenge Handshake Authentication Protocol (CHAP) is the most common remote access protocol  CHAP has the serving system challenge the remote client – A challenge is where the host system asks the remote client some secret—usually a password that the remote client must then respond with for the host to allow the connection
Network Authentication  MS-CHAP MS-CHAP is Microsoft’s variation of the CHAP protocol. It uses a slightly more advanced encryption protocol
Data Encryption  Encryption methods don’t stop at the authentication level  There are a number of ways to encrypt network data as well  IPSec (IP Security) – Provides transparent encryption between the server and the client – Also work in VPNs, but other encryption methods are more commonly used in those situations
Application Encryption  Famous of all application encryptions is Netscape’s Secure Sockets Layer (SSL) – Protocols make it possible to create the secure Web sites used to make purchases over the Internet – HTTPS Web sites can be identified by the HTTPS:// included in their URL
Wireless Issues  Set up wireless encryption, at least WEP but preferably WPA or the more secure WPA2, and configure clients to use them  Disable DHCP and require your wireless clients to use a static IP address  If you need to use DHCP, only allot enough DHCP addresses to meet the needs of your network to avoid unused wireless connections  Change the WAP’s SSID from default and disable SSID broadcast  Filter by MAC address to allow only known clients on the network  Change the default user name and password. Every hacker has memorized the default user names and passwords  Update the firmware as needed  If available, make sure the WAP’s firewall settings are turned on
Reporting  Event Viewer  Auditing
Incidence Reporting  First – It provides a record of work you’ve done and accomplished  Second – It provides a piece of information that when combined with other information that you might or might not know, reveals a pattern or bigger problem to someone higher up the chain

More Related Content

PDF
Firewalls
Dr.Florence Dayana
 
PPT
Intruders
techn
 
PPT
Firewall
thinkahead.net
 
PPTX
Firewall Design and Implementation
ajeet singh
 
PPTX
Seucrity in a nutshell
Yahia Kandeel
 
PDF
Intruders
Dr.Florence Dayana
 
PPT
Ch08 Microsoft Operating System Vulnerabilities
phanleson
 
PPT
Ch04 Network Vulnerabilities and Attacks
Information Technology
 
Firewalls
Dr.Florence Dayana
 
Intruders
techn
 
Firewall
thinkahead.net
 
Firewall Design and Implementation
ajeet singh
 
Seucrity in a nutshell
Yahia Kandeel
 
Intruders
Dr.Florence Dayana
 
Ch08 Microsoft Operating System Vulnerabilities
phanleson
 
Ch04 Network Vulnerabilities and Attacks
Information Technology
 

What's hot (18)

PPT
Firewall Security Definition
Patten John
 
PPTX
Firewall & packet filter new
Karnav Rana
 
PPT
Network Security Tools and applications
webhostingguy
 
PPT
Firewall
nayakslideshare
 
PPT
Firewalls
Ram Dutt Shukla
 
PPTX
Security Attack Analysis for Finding and Stopping Network Attacks
Savvius, Inc
 
PPT
Network security and protocols
Online
 
PPTX
Network Security & Ethical Hacking
Sripati Mahapatra
 
PPTX
Firewalls-Intro
Aparna Bulusu
 
PPTX
Firewall ppt
OECLIB Odisha Electronics Control Library
 
PPT
Lect13 security
Umang Gupta
 
PPTX
Firewalls and packet filters
MOHIT AGARWAL
 
PPT
Ch05 Network Defenses
Information Technology
 
PPT
Intruders and Viruses in Network Security NS9
koolkampus
 
PPTX
Firewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
Gopal Sakarkar
 
PPTX
Firewall presentation
gaurav96raj
 
PPTX
Firewall presentation
TayabaZahid
 
DOCX
Firewalls
Sonali Parab
 
Firewall Security Definition
Patten John
 
Firewall & packet filter new
Karnav Rana
 
Network Security Tools and applications
webhostingguy
 
Firewall
nayakslideshare
 
Firewalls
Ram Dutt Shukla
 
Security Attack Analysis for Finding and Stopping Network Attacks
Savvius, Inc
 
Network security and protocols
Online
 
Network Security & Ethical Hacking
Sripati Mahapatra
 
Firewalls-Intro
Aparna Bulusu
 
Firewall ppt
OECLIB Odisha Electronics Control Library
 
Lect13 security
Umang Gupta
 
Firewalls and packet filters
MOHIT AGARWAL
 
Ch05 Network Defenses
Information Technology
 
Intruders and Viruses in Network Security NS9
koolkampus
 
Firewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
Gopal Sakarkar
 
Firewall presentation
gaurav96raj
 
Firewall presentation
TayabaZahid
 
Firewalls
Sonali Parab
 
Ad

Viewers also liked (20)

PPT
22 the internet
hafizhanif86
 
PPT
24 the complete pc tech
hafizhanif86
 
PDF
Climate Change: Implications for Agriculture
ECFoundation
 
PPTX
Sbpagajiguru 111209023917-phpapp02
iyatieku ayune
 
PPT
Word.01
ricardomontoyagallego
 
PDF
Chinese 014
mr_haryono
 
PPT
17 video
hafizhanif86
 
PPT
8 power supplies
hafizhanif86
 
PPTX
gizi terapan
Nur Annissa Gyardany
 
PPT
2 the visible pc
hafizhanif86
 
PPT
18 sound
hafizhanif86
 
PPTX
Gerenciando seu empreendimento e7
silviofsouza
 
PDF
Thesis Paul van Nierop: Muziekwolk
pavanie
 
PDF
Manual salud ocupacional_contratistas (1)
Liz Vargas
 
PDF
Teaching with Sakai CLE from the Ground Up!
LandonPhillips
 
PPT
4 ram
hafizhanif86
 
PDF
Kuliah Ii New2
ramboni
 
PPT
1 comptia certification
hafizhanif86
 
PPT
7 motherboards
hafizhanif86
 
PPT
12 installing and upgrading windows
hafizhanif86
 
22 the internet
hafizhanif86
 
24 the complete pc tech
hafizhanif86
 
Climate Change: Implications for Agriculture
ECFoundation
 
Sbpagajiguru 111209023917-phpapp02
iyatieku ayune
 
Word.01
ricardomontoyagallego
 
Chinese 014
mr_haryono
 
17 video
hafizhanif86
 
8 power supplies
hafizhanif86
 
gizi terapan
Nur Annissa Gyardany
 
2 the visible pc
hafizhanif86
 
18 sound
hafizhanif86
 
Gerenciando seu empreendimento e7
silviofsouza
 
Thesis Paul van Nierop: Muziekwolk
pavanie
 
Manual salud ocupacional_contratistas (1)
Liz Vargas
 
Teaching with Sakai CLE from the Ground Up!
LandonPhillips
 
4 ram
hafizhanif86
 
Kuliah Ii New2
ramboni
 
1 comptia certification
hafizhanif86
 
7 motherboards
hafizhanif86
 
12 installing and upgrading windows
hafizhanif86
 
Ad

Similar to 23 computer security (20)

PPTX
Ethical hacking/ Penetration Testing
ANURAG CHAKRABORTY
 
PPT
Complete notes security
Kitkat Emoo
 
PPTX
Security Architectures and Models.pptx
RushikeshChikane2
 
PPT
Windows network security
Information Technology
 
PPTX
Ethical Hacking n VAPT presentation by Suvrat jain
Suvrat Jain
 
PPT
Computer security and_privacy_2010-2011
lbcollins18
 
PPT
Network security
Presentaionslive.blogspot.com
 
PPTX
It security
avi2607
 
PPT
Chapter14 -- networking security
Raja Waseem Akhtar
 
PPT
Windows network
Jithesh Nair
 
PPT
Information Security Audit and Analysis Module
AvinashAvuthu2
 
PPT
Computer Systems Security
drkelleher
 
PPT
Computersystemssecurity 090529105555-phpapp01
Miigaa Mine
 
PDF
PLNOG 8: Merike Kaeo - Guide to Building Secure Infrastructures
PROIDEA
 
PPT
Module 5 security
IT
 
PDF
Sec0001 .pdf
mah902110
 
PDF
Lecture 7---Security (1).pdf
ZeeshanMajeed15
 
PPT
Operating systems and computer security
Swati Bhonde
 
PDF
Andrey Bogdanov, Dmitry Khovratovich, and Christian Rechberger
Information Security Awareness Group
 
PPTX
Computing safety
Brulius
 
Ethical hacking/ Penetration Testing
ANURAG CHAKRABORTY
 
Complete notes security
Kitkat Emoo
 
Security Architectures and Models.pptx
RushikeshChikane2
 
Windows network security
Information Technology
 
Ethical Hacking n VAPT presentation by Suvrat jain
Suvrat Jain
 
Computer security and_privacy_2010-2011
lbcollins18
 
Network security
Presentaionslive.blogspot.com
 
It security
avi2607
 
Chapter14 -- networking security
Raja Waseem Akhtar
 
Windows network
Jithesh Nair
 
Information Security Audit and Analysis Module
AvinashAvuthu2
 
Computer Systems Security
drkelleher
 
Computersystemssecurity 090529105555-phpapp01
Miigaa Mine
 
PLNOG 8: Merike Kaeo - Guide to Building Secure Infrastructures
PROIDEA
 
Module 5 security
IT
 
Sec0001 .pdf
mah902110
 
Lecture 7---Security (1).pdf
ZeeshanMajeed15
 
Operating systems and computer security
Swati Bhonde
 
Andrey Bogdanov, Dmitry Khovratovich, and Christian Rechberger
Information Security Awareness Group
 
Computing safety
Brulius
 

More from hafizhanif86 (13)

PPT
21 local area connection
hafizhanif86
 
PPT
20 printers
hafizhanif86
 
PPT
19 portable computing
hafizhanif86
 
PPT
16 supporting io devices
hafizhanif86
 
PPT
15 maintaining & troubleshooting windows
hafizhanif86
 
PPT
14 working with the command line interface
hafizhanif86
 
PPT
13 understanding windows
hafizhanif86
 
PPT
11 removable media
hafizhanif86
 
PPT
10 implementing hard drive
hafizhanif86
 
PPT
9 hard drive technologies
hafizhanif86
 
PPT
6 expansion bus
hafizhanif86
 
PPT
5 post , bios , cmos
hafizhanif86
 
PPT
3 microprocessors
hafizhanif86
 
21 local area connection
hafizhanif86
 
20 printers
hafizhanif86
 
19 portable computing
hafizhanif86
 
16 supporting io devices
hafizhanif86
 
15 maintaining & troubleshooting windows
hafizhanif86
 
14 working with the command line interface
hafizhanif86
 
13 understanding windows
hafizhanif86
 
11 removable media
hafizhanif86
 
10 implementing hard drive
hafizhanif86
 
9 hard drive technologies
hafizhanif86
 
6 expansion bus
hafizhanif86
 
5 post , bios , cmos
hafizhanif86
 
3 microprocessors
hafizhanif86
 

Recently uploaded (20)

PPTX
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
PPTX
school management -TNTEU- B.Ed., Semester II Unit 1.pptx
NihumathunnisaH
 
PPTX
human mycosis Human fungal infections are called human mycosis..pptx
shilpa939953
 
PPTX
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
PDF
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
PDF
RMMM.pdf make it easy to upload and study
sajedul2
 
PDF
BÀI TẬP BỔ TRỢ 4 KỸ NĂNG TIẾNG ANH 9 GLOBAL SUCCESS - CẢ NĂM - BÁM SÁT FORM Đ...
Nguyen Thanh Tu Collection
 
PDF
Abdominal Access Techniques with Prof. Dr. R K Mishra
mohitsuren827
 
PPTX
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
PDF
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
PDF
Complications of Minimal Access Surgery at WLH
mohitsuren827
 
PPTX
Pharma ospi slides which help in ospi learning
rameetkumar304
 
PPTX
The Healthy Child – Unit II | Child Health Nursing I | B.Sc Nursing 5th Semester
RAKESH SAJJAN
 
PDF
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
sreejithcareers
 
PPTX
Renaissance Architecture: A Journey from Faith to Humanism
DrMonicaSharma
 
PPTX
PPH.pptx obstetrics and gynecology in nursing
SrideviDevaraj5
 
PDF
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
PDF
The Lost Whites of Pakistan by Jahanzaib Mughal.pdf
jahanzaibmughal6
 
PPTX
Week 4 Term 3 Study Techniques revisited.pptx
mansk2
 
PDF
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
school management -TNTEU- B.Ed., Semester II Unit 1.pptx
NihumathunnisaH
 
human mycosis Human fungal infections are called human mycosis..pptx
shilpa939953
 
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
RMMM.pdf make it easy to upload and study
sajedul2
 
BÀI TẬP BỔ TRỢ 4 KỸ NĂNG TIẾNG ANH 9 GLOBAL SUCCESS - CẢ NĂM - BÁM SÁT FORM Đ...
Nguyen Thanh Tu Collection
 
Abdominal Access Techniques with Prof. Dr. R K Mishra
mohitsuren827
 
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
Complications of Minimal Access Surgery at WLH
mohitsuren827
 
Pharma ospi slides which help in ospi learning
rameetkumar304
 
The Healthy Child – Unit II | Child Health Nursing I | B.Sc Nursing 5th Semester
RAKESH SAJJAN
 
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
sreejithcareers
 
Renaissance Architecture: A Journey from Faith to Humanism
DrMonicaSharma
 
PPH.pptx obstetrics and gynecology in nursing
SrideviDevaraj5
 
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
The Lost Whites of Pakistan by Jahanzaib Mughal.pdf
jahanzaibmughal6
 
Week 4 Term 3 Study Techniques revisited.pptx
mansk2
 
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 

23 computer security

  • 2. Computer Security  Through your PC, a malicious person can gain valuable information – About you and your habits – Can steal your files – Run programs that log your keystrokes and thus gain account names and passwords, credit card information – Run software that takes over much of your computer processing time and use it to send spam or steal from others
  • 3. Analyzing the Threat  Threats to your data and PC come from two directions: – Mistakes – Malicious people  Issues: – Unauthorized access – Data destruction, accidental or deliberate – Administrative access – Catastrophic hardware failures – Viruses/spyware
  • 4. Local Control  Need to establish control over local resources – Back up data and make sure that retired hard drives and optical discs have no sensitive data on them – You should recognize security issues and be able to respond properly – You need to implement good access control policies, such as having  All computers in your care locked down with proper passwords or other devices that recognize who should have access  Implement methods for tracking computer usage. – If someone is doing something wrong, you and the network or computer administrator should be able to catch him or her!  Backup Essential Data
  • 5. Social Engineering  The process of using or manipulating people inside the networking environment to gain access to that network from the outside  The term “social engineering” covers the many ways humans can use other humans to gain unauthorized information
  • 6. Infiltration  Hackers can physically enter your building under the guise of someone who might have a legitimate reason for being there, – Cleaning personnel, repair technicians, or messengers
  • 7. Telephone Scams  Telephone scams are probably the most common social engineering attack  The attacker makes a phone call to someone in the organization to gain information
  • 8. Dumpster Diving  Generic term for anytime a hacker goes through your refuse (rubbish), looking for information
  • 9. Physical Theft  Someone physically steal the server
  • 10. Access Control  Control access to the data, programs, and other computing resources
  • 11. Secure Physical Area and Lock Down Your System  Block access to the physical hardware from people who shouldn’t have access
  • 12. Authentication  Means How the computer determines – Who can or should access it – Once accessed, what that user can do  A computer can authenticate users through – Software or hardware – Combination of both
  • 13. NTFS, Not FAT32  Must use NTFS or you have no security at all  Use the CONVERT command-line utility to go from FAT to NTFS – CONVERT D: /FS:NTFS
  • 14. Network Security  User Account Control Through Groups  Security Policies Commonly used: – Prevent Registry Edits  If you try to edit the Registry, you get a failure message – Prevent Access to the Command Prompt  This policy keeps users from getting to the command prompt by turning off the Run command and the MS-DOS Prompt shortcut – Log on Locally  This policy defines who may log on to the system locally – Shut Down System  This policy defines who may shut down the system – Minimum Password Length  This policy forces a minimum password length – Account Lockout Threshold  This policy sets the maximum number of logon attempts a person can make before they are locked out of the account – Disable Windows Installer  This policy prevents users from installing software – Printer Browsing  This policy enables users to browse for printers on the network, as opposed to using only assigned printers
  • 15. Viruses  A computer virus is a piece of malicious software that gets passed from computer to computer  A computer virus is designed to attach itself to a program on your computer – It could be your e-mail program, your word processor, or even a game – Whenever you use the infected program, the virus goes into action and does whatever it was designed to do – It can wipe out your e-mail or even erase your entire hard drive! Viruses are also sometimes used to steal information or send spam e-mails to everyone in your address book
  • 16. Virus  Trojans  Worms  Polymorphics/Polymorphs  Stealth
  • 17. Antivirus Programs  Protects your PC in two (2) ways  It can be both sword and shield – Working in an active seek-and-destroy mode – A passive sentry mode
  • 18. Spam  E-mail that comes into your Inbox from a source that’s not a friend, family member, or colleague, and that you didn’t ask for  Pop-ups  Spyware  Adware
  • 19. Firewalls  Devices or software that protect an internal network from unauthorized access to and from the Internet at large  Hardware firewalls protect networks using a number of methods, such as hiding IP addresses and blocking TCP/IP ports  Windows XP comes with an excellent software firewall – Windows Firewall
  • 20. Encryption  Stop someone to intercept and inspect the packet  Inspected packets are a cornucopia of – Passwords – Account names – Other tidbits that hackers can use to intrude into your network
  • 21. Network Authentication  PAP Password Authentication Protocol (PAP) – Is the oldest and most basic form of authentication – It’s also the least safe, because it sends all passwords in clear text – No NOS uses PAP for a client system’s login, but almost all network operating systems that provide remote access service will support PAP for backward compatibility with a host of older programs (like Telnet) that only use PAP
  • 22. Network Authentication  CHAP Challenge Handshake Authentication Protocol (CHAP) is the most common remote access protocol  CHAP has the serving system challenge the remote client – A challenge is where the host system asks the remote client some secret—usually a password that the remote client must then respond with for the host to allow the connection
  • 23. Network Authentication  MS-CHAP MS-CHAP is Microsoft’s variation of the CHAP protocol. It uses a slightly more advanced encryption protocol
  • 24. Data Encryption  Encryption methods don’t stop at the authentication level  There are a number of ways to encrypt network data as well  IPSec (IP Security) – Provides transparent encryption between the server and the client – Also work in VPNs, but other encryption methods are more commonly used in those situations
  • 25. Application Encryption  Famous of all application encryptions is Netscape’s Secure Sockets Layer (SSL) – Protocols make it possible to create the secure Web sites used to make purchases over the Internet – HTTPS Web sites can be identified by the HTTPS:// included in their URL
  • 26. Wireless Issues  Set up wireless encryption, at least WEP but preferably WPA or the more secure WPA2, and configure clients to use them  Disable DHCP and require your wireless clients to use a static IP address  If you need to use DHCP, only allot enough DHCP addresses to meet the needs of your network to avoid unused wireless connections  Change the WAP’s SSID from default and disable SSID broadcast  Filter by MAC address to allow only known clients on the network  Change the default user name and password. Every hacker has memorized the default user names and passwords  Update the firmware as needed  If available, make sure the WAP’s firewall settings are turned on
  • 27. Reporting  Event Viewer  Auditing
  • 28. Incidence Reporting  First – It provides a record of work you’ve done and accomplished  Second – It provides a piece of information that when combined with other information that you might or might not know, reveals a pattern or bigger problem to someone higher up the chain