ITE - Chapter 9

IT Essentials PC Hardware
and Software 4.1

Instructional Resource
Chapter 9: Fundamental
Security

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 1

Chapter 9: Objectives
 Explain why security is important.
 Describe security threats.
 Identify security procedures.
 Identify common preventive maintenance techniques for security.
 Troubleshoot security.


Chapter 9: Critical Concepts
 What is this chapter about and why is it important?
 This chapter details security concepts including security threats, security policy
components, security implementation, preventive procedures, and common security
problems.
 Security is a vital part of computing and networking. IP version 4 was not meant as a
secure protocol. It was developed to share information across a network
environment. Because of maliciousness and business involvement, pop-ups,
viruses, invasion of privacy, and spyware have evolved. According to a business
advisory council, security must be taught in all classes in all aspects of computing.
Every person involved with a computer must be made aware of security threats and
measures that can be used to protect data and computerized equipment.


Chapter 9: Activities
 What activities are associated with this chapter?
9.1 Worksheet: Security Attacks
9.2.1 Worksheet: Third-Party Anti-Virus Software
9.3.4 Packet Tracer Activity: Connecting Wireless PCs to a Linksys WRT300N
9.4.2 Worksheet: Operating System Updates
9.5.2 Worksheet: Gather Information from the Customer
Chapter 9 Quiz


Chapter 9: New Terms
 What terms are introduced in this chapter?

ActiveX 9.2.2

adware 9.2.3

biometric device 9.3.3

card key 9.3.2

Denial of Service (DoS) 9.2.4

Distributed Denial of Service (DDoS) 9.2.7

DNS poisoning 9.2.7

encryption 9.3.3

grayware 9.2.3

Java 9.2.2


Chapter 9: New Terms (continued)

JavaScript 9.2.2

Lightweight Extensible Authentication Protocol (LEAP) 9.3.4

malware 9.2.3

man-in-the-middle 9.2.7

phishing 9.2.3

replay attack 9.2.7

Service Set Identifier (SSID) 9.3.4

social engineering 9.2.6

spam 9.2.5

spoof 9.2.7


Chapter 9: New Terms (continued)

SYN flood 9.2.7

Trojan threat 9.2.1

virus 9.2.1

Wi-Fi Protected Access (WPA) 9.3.4

Wi-Fi Protected Access 2 (WPA2) 9.3.4

Wired Equivalent Privacy (WEP) 9.3.4

wireless network 9.3.4

Wireless Transport Layer Security (WTLS) 9.3.4

worm 9.2.1

zombie 9.2.4


Chapter 9: Changes
 What has changed from the previous version (4.0) of ITEPC?
Page 9.2.8 Explain data wiping, hard drive destruction, and recycling
• Data wiping

Page 9.3.1 Explain what is required in a basic local security policy
• Compliance
• Classification

Page 9.3.2 Explain the tasks required to protect physical equipment
• Intrusion detection
• Trusted Platform Module (TPM)


Chapter 9: Changes (continued)
Page 9.3.3 Describe ways to protect data
• Data Encryption
• Software Firewall
• Data Backups
• Smart Card Security
• Biometric Security
• File System Security

Page 9.3.4 Describe wireless security techniques
• SSID
• MAC Filtering
• WEP
• WPA
• WPA2
• LEAP


Chapter 9: Changes (continued)
Page 9.5.1 Review the troubleshooting process
• Identify the Problem
• Establish a Theory of Probable Causes
• Determine an Exact Cause
• Implement a Solution
• Verify Solution and Full System Functionality
• Document Findings


Chapter 9: Classroom Management
 Wireless is a great way to teach security. Authentication and encryption can be
applied one at a time, and then have students access the wireless network by
applying the appropriate credentials.
 Search the Internet for current virus and malware attacks and any trends in attacks.
 Access Microsoft TechNet Security bulletins to see specific problems and
vulnerabilities in any particular operating system.
 Students can wipe old hard drives with lower capacities to prepare them for
donation. Some hard drive companies have data wiping software that can be
demonstrated during this section.


Chapter 9: Teaching Analogies
 A computer is like a bank that has gold stored in it. When this bank was built, it did
not have a vault or locks on the windows and doors. The bank is very susceptible to
theft in this condition. Over time, the bank builders have learned how to lock the
doors, build a vault, and guard the bank. The operating system patches and design
changes that have been made to safeguard the computer are like the lockable
doors on the bank. The anti-virus and other software that scans for spyware and
malware are like the vault that protects the gold. The firewall that protects the
computer is like the professionals who guard the bank.


Chapter 9: Suggested Class Discussion
 What is an application vendor’s responsibility when security holes are found in the
vendor’s product?
 What are the penalties for software piracy?
• Access the Business Software Alliance web site to see how to report piracy
anonymously.
 What free anti-virus, anti-spam, and anti-spyware tools are available?
 How can firewalls help to block viruses, spam, and spyware?
 How do music and video piracy relate to computer security issues?
 What is war driving? Is it legal?


Chapter 9: Best Practices

 Have the students determine how many wireless networks are present in their
neighborhood.
 Use the Internet to research legislation and fines that are related to computer
hacking with the words: lawsuits fines computer hacking.


Chapter 9: Outside Reading
 National Security Agency
http://www.nsa.gov/

 Verisign
http://www.verisign.com/


ITE - Chapter 9

More Related Content

What's hot (6)

Viewers also liked (20)

Similar to ITE - Chapter 9 (20)

More from Irsandi Hasan (20)

Recently uploaded (20)

ITE - Chapter 9