MORE ON FILE AND FOLDER PERMISSIONS

Principle of Least Privilege

Users should be limited to only the resources they need in a computer system or on a network. They should not be able to access all files on a server, for example, if they need to access only a single folder. It may be easier to provide users access to the entire drive, but it is more secure to limit access to only the folder that is needed to perform their job. This is known as the principle of least privilege. Limiting access to resources also prevents malicious programs from accessing those resources if the user's computer becomes infected.

Restricting User Permissions

File and network share permissions can be granted to individuals or through membership within a group. If an individual or a group is denied permissions to a network share, this denial overrides any other permissions given. For example, if you deny someone permission to a network share, the user cannot access that share, even if the user is the administrator or part of the administrator group. The local security policy must outline which resources and the type of access allowed for each user and group.

When the permissions of a folder are changed, you are given the option to apply the same permissions to all sub-folders. This is known as permission propagation. Permission propagation is an easy way to apply permissions to many files and folders quickly. After parent folder permissions have been set, folders and files that are created inside the parent folder inherit the permissions of the parent folder.
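The two rules above (a deny overrides every allow, and new sub-folders inherit from the parent) can be seen in a small model. This is an added example, not part of the original slides; it is a simplified model of the rules as stated here rather than the Windows implementation, and the folder, user and group names are constructed.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Set, Tuple

# One access-control entry: (principal, "allow" or "deny", right)
Ace = Tuple[str, str, str]

@dataclass
class Folder:
    name: str
    parent: Optional["Folder"] = None
    aces: List[Ace] = field(default_factory=list)

    def effective_aces(self) -> List[Ace]:
        """Own entries plus everything propagated down from parent folders."""
        node, found = self, []
        while node is not None:
            found.extend(node.aces)
            node = node.parent
        return found

def has_access(user: str, groups: Set[str], folder: Folder, right: str) -> bool:
    principals = {user} | groups
    matching = [kind for who, kind, r in folder.effective_aces()
                if who in principals and r == right]
    if "deny" in matching:       # a single deny overrides every allow
        return False
    return "allow" in matching   # no entry at all means no access

# Constructed sample data: a share, and a sub-folder created inside it later.
share = Folder("Payroll", aces=[
    ("Administrators", "allow", "read"),
    ("Administrators", "allow", "write"),
    ("Accounting", "allow", "read"),
    ("sam", "deny", "read"),
])
reports = Folder("Payroll/Reports", parent=share)  # no entries of its own

if __name__ == "__main__":
    checks = [
        ("aisha", {"Accounting"}, reports, "read"),    # inherited allow
        ("aisha", {"Accounting"}, reports, "write"),   # never granted
        ("sam", {"Administrators"}, share, "read"),    # deny beats admin group
        ("sam", {"Administrators"}, reports, "read"),  # deny is inherited too
    ]
    for user, groups, folder, right in checks:
        print(user, right, folder.name, has_access(user, groups, folder, right))
```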
Security Procedures

Procedures are detailed step-by-step tasks that should be performed to achieve a certain goal.

Example: we can write procedures on how to install operating systems, configure security mechanisms, implement access control lists, set up new user accounts, assign computer privileges, audit activities, destroy material, report incidents, and much more.

Procedures are considered the lowest level in the policy chain because they are closest to the computers and users (compared to policies) and provide detailed steps for configuration and installation issues.
There are several security procedures that can be implemented in any organization. The security procedures that we will discuss:

1. Security Policies (already discussed)
2. Data Protection
3. Protecting Against Malicious Software

DATA PROTECTION

There are a number of approaches that we can take to protect our data. Software firewalls, biometrics and smart cards, data backups and data encryption are some of the approaches that we can take to protect our data.
Software Firewall

A software firewall is a program that runs on a computer to allow or deny traffic between the computer and other computers to which it is connected. The software firewall applies a set of rules to data transmissions through inspection and filtering of data packets. Windows Firewall is an example of a software firewall. It is installed by default when the OS is installed.
Every communication using TCP/IP is associated with a port number. HTTP, for instance, uses port 80 by default. A software firewall is capable of protecting a computer from intrusion through data ports.
Biometrics and Smart Cards

In theory, biometric security is more secure than security measures such as passwords or smart cards. Common biometric devices available include fingerprint readers, retina scanners, and face and voice recognition devices. The user is granted access if their characteristics match saved settings and the correct login information is supplied. Biometric devices, which measure physical information about a user, are ideal for highly secure areas when combined with a secondary security measure such as a password or PIN. However, for most small organizations, this type of solution is too expensive.
A smart card is a small plastic card, about the size of a credit card, with a small chip embedded in it.
The chip is an intelligent data carrier, capable of processing, storing, and safeguarding data. Smart cards store private information, such as bank account numbers, personal identification, medical records, and digital signatures. Smart cards provide authentication and encryption to keep data safe.
Data Backups

A data backup stores a copy of the information on a computer to removable backup media that can be kept in a safe place. Backing up data is one of the most effective ways of protecting against data loss. Data can be lost or damaged in circumstances such as theft, equipment failure, or a disaster. If the computer hardware fails, the data can be restored from the backup to functional hardware.
Data backups should be performed on a regular basis and included in a security plan. These are some considerations for data backups:
Data Encryption

1. Cryptography terminologies

Encryption: the process of encoding a message so its meaning is not obvious.
Decryption: the reverse process, which means trying to bring an encrypted message back to its normal form.
Plaintext: the original form of a message.
Ciphertext: the encrypted form of a message.
Cryptography: the art and science of making secret codes.
Cryptanalysis: breaking the secret codes.
2. Explanation about encryption

Encryption is often used to protect data. Encryption is where data is transformed using a complicated algorithm to make it unreadable. A special key must be used to return the unreadable information back into readable data. Software programs are used to encrypt files, folders, and even entire drives.

Encryption is a technique for transforming information on a computer so it becomes unreadable. So, even if someone is able to gain access to a computer with personal data on it, they likely won't be able to do anything with the data unless they have complicated, expensive software or the original data key. Encryption methods can help ensure that data doesn't get read by the wrong people, but can also ensure that data isn't altered in transit, and verify the identity of the sender.
3. Uses of Encryption

• Encryption can be used to protect data such as files on storage devices.
• It is used to protect data in transit, for example data being transferred via networks.
4. Advantages of Encryption

• To protect the confidentiality of digital data stored on computer systems
• Data cannot be manipulated easily
• The origin of a message can be verified
5. Conventional Encryption Principles

An encryption scheme has five ingredients:

1) Plaintext
2) Encryption algorithm
3) Secret key
4) Ciphertext
5) Decryption algorithm

Security depends on the secrecy of the key, not the secrecy of the algorithm.
6. List of encryption algorithms

• RSA
• Data Encryption Standard (DES)
• Blowfish
• International Data Encryption Algorithm (IDEA)
• Software-optimized Encryption Algorithm (SEAL)
• RC4
7. Common Communication Encryption Types

Communication between two computers may need to be secure. To achieve this, the following protocols are required:

• Hash encoding
• Symmetric encryption
• Asymmetric encryption
Hash Encoding

Hash encoding, or hashing, ensures the integrity of the message. This means it ensures that the message has not been corrupted or tampered with during transmission. Hashing uses a mathematical function to create a numeric value, called a message digest, that is unique to the data. If even one character is changed, the function output will not be the same. The most popular hashing algorithm is now Secure Hash Algorithm (SHA), which is replacing the older Message Digest 5 (MD5) algorithm.
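The integrity check described above, as an added example that is not part of the original slides: the receiver recomputes the SHA-256 digest and compares it with the one the sender published, and a one-character change flips roughly half of the 256 output bits. The two messages are constructed sample data and the function names are illustrative.

```python
import hashlib
import hmac

def digest(message: bytes, algorithm: str = "sha256") -> str:
    """Return the message digest as a hex string."""
    return hashlib.new(algorithm, message).hexdigest()

def verify(message: bytes, expected_hex: str, algorithm: str = "sha256") -> bool:
    """True only if the received message still matches the published digest."""
    # compare_digest takes the same time wherever the first mismatch occurs
    return hmac.compare_digest(digest(message, algorithm), expected_hex)

def differing_bits(a: bytes, b: bytes, algorithm: str = "sha256") -> int:
    """Count how many digest bits differ between two messages."""
    da = int(digest(a, algorithm), 16)
    db = int(digest(b, algorithm), 16)
    return bin(da ^ db).count("1")

# Constructed sample data: the second message differs in one character.
SENT = b"Transfer RM100 to account 1234"
TAMPERED = b"Transfer RM900 to account 1234"

if __name__ == "__main__":
    published = digest(SENT)
    print("digest sent with the message:", published)
    print("unchanged message verifies:  ", verify(SENT, published))
    print("tampered message verifies:   ", verify(TAMPERED, published))
    print("digest bits that changed:    ", differing_bits(SENT, TAMPERED), "of 256")
```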
Asymmetric Encryption

Asymmetric algorithms use pairs of keys. One is used for encryption and the other one for decryption. The decryption key is typically kept secret, and is therefore called the "private key" or "secret key". The encryption key is distributed to all who might want to send encrypted messages, and is therefore called the "public key". Everybody who has the public key is able to send encrypted messages to the owner of the secret key. Examples of asymmetric-key algorithms: ElGamal, Diffie-Hellman, RSA, DSA.

Symmetric Key Encryption

Both parties share the same key for encryption and decryption. To provide privacy, this key needs to be kept secret. Once somebody else gets to know the key, it is not safe any more. Examples: Twofish, Serpent, AES (Rijndael).
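The key-pair idea described under Asymmetric Encryption above, shown with textbook RSA as an added example that is not part of the original slides. The primes, the message and the function names are constructed for illustration; the numbers are far too small and the scheme has no padding, so this shows only the arithmetic (it needs Python 3.8 or later for the modular inverse).

```python
from math import gcd

# Two known Mersenne primes, chosen only so the example is reproducible.
# Real RSA keys use much larger random primes together with a padding scheme.
P = 2**61 - 1
Q = 2**89 - 1

def make_keypair(p: int, q: int, e: int = 65537):
    """Return ((e, n), (d, n)): the public key and the private key."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # private exponent: inverse of e modulo phi
    return (e, n), (d, n)

def encrypt(message: bytes, public_key) -> int:
    """Anyone holding the public key can do this."""
    e, n = public_key
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, e, n)

def decrypt(ciphertext: int, private_key) -> bytes:
    """Only the holder of the private key can reverse the encryption."""
    d, n = private_key
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

if __name__ == "__main__":
    public, private = make_keypair(P, Q)
    secret = b"meet at 9"                      # constructed sample message
    c = encrypt(secret, public)
    print("ciphertext:", hex(c))
    print("decrypted with private key:", decrypt(c, private))
```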
[Figure: Differences between symmetric and asymmetric key encryption]
Example: Encrypting File System (EFS) is a Windows feature that can encrypt data. EFS is directly linked to a specific user account. Only the user that encrypted the data will be able to access it after it has been encrypted using EFS.
To encrypt data using EFS, follow these steps:
In Windows 7 and Windows Vista Ultimate and Enterprise editions, a feature called BitLocker is included to encrypt the entire hard drive volume. BitLocker is also able to encrypt removable drives.
Protection Against Malicious Software

Certain types of attacks, such as those performed by spyware and phishing, collect data about the user that can be used by an attacker to gain confidential information. You should run virus and spyware scanning programs to detect and remove unwanted software. Many browsers now come equipped with special tools and settings that prevent the operation of several forms of malicious software.
EXERCISE

Security _____ outlines the protections that should be enacted to ensure that the organization's assets face minimal risks.
A. Set
B. Policy
C. Procedure
D. Information System

Three levels of password protection are as follows EXCEPT:
A. BIOS
B. Login
C. Network
D. System monitor

Identify the biometric security device.
A. Key
B. Fingerprint
C. RFID card
D. Password

Select the strongest password that can be used for a system.
A. AbCDe123!
B. PaSSwoRD
C. D+11L4N0V@
D. rAHMAN

Abu wants to share a folder with his colleagues where his colleagues can only view. Choose which file permission level he can adopt:
A. Write
B. Read
C. Modify
D. Full control

Identify the name of the decrypted form of a message.
A. Plaintext
B. Scantext
C. Secrettext
D. Ciphertext

Classify the encryption key that is given to all the users who want to send the encrypted message.
A. Secret key
B. Whole key
C. Private key
D. Public key

____ algorithms use pairs of keys for encryption and decryption.
A. Secret
B. Symmetric
C. Asymmetric
D. Encryption

Identify the protection against malicious software.
A. Hash code
B. Mapping code
C. Hackers remover
D. Spyware remover

Identifying organizational issues that impact information security policy can be done by ensuring information security policies and standards need to ____ reflect the organization.
A. have
B. simply
C. strongly
D. accurately
PRACTICAL TASK

In this lab, you will explore how to secure accounts, data, and the computer in Windows 7.

Recommended Equipment:
• A computer system running Windows 7

Step 1

Boot the computer and enter the key(s) required to enter the "BIOS Setup Utility" window.

1. Click the Security tab.
2. To set the User password:
3. Select Change User Password then press Enter.
4. Type the password NEWuSER then press Enter.
5. To confirm the new password type NEWuSER then press Enter > OK.

To set the Supervisor password:
I. Select Change Supervisor Password then press Enter.
II. Type the password ADMINIT then press Enter.
III. To confirm the new password type ADMINIT then press Enter > OK.
To set the User access level:
I. Select User Access Level then press Enter.
II. Select No Access then press Enter.
III. Select Exit > Exit Saving Changes > OK.

Step 2

1. When the computer restarts, enter the key(s) required to enter the "BIOS Setup Utility" window.
2. Enter the User password NEWuSER.
3. Restart the computer if needed, then enter the key(s) required to enter the "BIOS Setup Utility" window.
4. Enter the Supervisor password ADMINIT.

Are you able to access the BIOS?
5. Click the Security tab.
6. To clear the User password:
7. Select Clear User Password then press Enter > OK.
8. To remove the Supervisor password:
9. Select Change Supervisor Password then press Enter > type ADMINIT > Enter.
10. For the new password press Enter.
11. Click the Security tab.
12. To clear the User password:
13. Select Clear User Password then press Enter > OK.
14. To remove the Supervisor password:
15. Select Change Supervisor Password then press Enter > type ADMINIT > Enter.
16. For the new password press Enter.
17. Press Enter for OK.
18. All passwords should now be removed.
19. Select Exit > Exit Saving Changes > OK.

END OF EXERCISE