1. Protection against malicious software
1.1. • Certain types of attacks, such as those performed by spyware and phishing, collect data about the user that can be used by an attacker to gain confidential information
1.2. run virus and spyware scanning programs to detect and remove unwanted software.
1.3. • Many browsers now come equipped with special tools and settings that prevent the operation of several forms of malicious software.
2. File and Folder Permissions
2.1. Permission levels are configured to limit individual or group user access to specific data
2.2. There are four file sharing options to choose from
2.2.1. Nobody
2.2.2. Home group (Read)
2.2.3. Specific people
2.2.4. Home group (Read/Write)
2.3. It is important to clearly define your goals before making the transition.
2.4. The conversion process is not reversible.
2.5. Principle of Least Privilege
2.5.1. •Users should be limited to only the resources they need in a computer system or on a network.
2.6. Restricting User Permissions
2.6.1. • File and network share permissions can be granted to individuals or through membership within a group.
2.6.2. • For example, if you deny someone permission to a network share, the user cannot access that share, even if the user is the administrator or part of the administrator group.
2.6.2.1. •They should not be able to access all files on a server, for example, if they need to access only a single folder.
2.6.3. • This is known as permission propagation. Permission propagation is an easy way to apply permissions to many files and folders quickly
2.6.3.1. Software firewalls, biometrics and smart cards, data backups and data encryption are some of the approaches that we can take to protect our data.
2.6.3.1.1. Biometric security compares physical characteristics against stored profiles to authenticate people
2.6.3.1.2. A software firewall is a program that runs on a computer to allow or deny traffic between the computer and other computers to which it is connected.
2.6.3.1.3. The software firewall applies a set of rules to data transmissions through inspection and filtering of data packets. Windows Firewall is an example of a software firewall.
2.7. the permissions of a folder are changed, you are given the option to apply the same permissions to all subfolders.
3. Data Protection
3.1. Software firewalls
3.1.1. There are number of approach that we can take to protect our data.
3.1.2. It is installed by default when the OS is installed.
3.2. Biometrics and Smart Cards
3.2.1. Example a fingerprint, a face pattern, or retina scan are all examples of biometric data
3.2.2. Biometric security is more secure than security measures such as passwords or smart cards, because passwords can be discovered and smart cards can be stolen
3.2.3. A smart card is a small plastic card, about the size of a credit card, with a small chip embedded in it.
3.2.4. The user is granted access if their characteristics match saved settings and the correct login information is supplied.
3.2.5. The chip is an intelligent data carrier, capable of processing, storing, and safeguarding data
3.2.6. Smart cards store private information, such as bank account numbers, personal identification, medical records, and digital signatures.
3.2.7. •Smart cards provide authentication and encryption to keep data safe.
3.2.8. A security key fob is a small device that resembles the ornament on a key ring.
3.3. where data is transformed using a complicated algorithm to make it unreadable.
3.4. Data Encryption
3.4.1. Software programs are used to encrypt files, folders, and even entire drives.
3.5. Data Backups
3.5.1. • A data backup stores a copy of the information on a computer to removable backup media that can be kept in a safe place.
3.5.2. • Backing up data is one of the most effective ways of protecting against data loss.
3.5.3. • Data can be lost or damaged in circumstances such as theft, equipment failure, or a disaster
4. Protecting Against Malicious Software
5. 1.Length - Use at least eight characters.
5.1. • Passwords should be required to have a minimum length and include uppercase and lowercase letters combined with numbers and symbols.
6. • A username and password are two pieces of information that a user needs to log on to a computer
7. Procedures are detailed step-by-step tasks that should be performed to achieve a certain goal.
8. • It is important to make sure that computers are secure when users are away from the computer.
9. Security Policy
9.1. how to safeguard its information
9.1.1. the rules for computer access and specific information on how these will be carried out
9.1.2. When developing a security policy for the first time, one useful approach is to focus on the why, who, where, and what during the policy development process.
10. Username & Password
10.1. • Password protection can prevent unauthorized access to content. All computers should be password protected.
10.2. Three levels of password protection :
10.2.1. • Login - Prevents unauthorized access to the local computer.
10.2.1.1. • BIOS - Prevents the operating system from booting and the BIOS settings from being changed without the appropriate password.
10.2.2. • Network - Prevents access to network resources by unauthorized personnel.
11. Security Procedures
11.1. Procedures spell out how the policy, standards, and guidelines will actually be implemented in an operating environment.
11.1.1. Data Protection
11.2. A several of security procedures that can be implement in any organization
11.2.1. Security Policies (has been discussed)
12. Password Requirements
12.1. • Any user that must log on to a computer or connect to a network resource should be required to have a password. Passwords help prevent theft of data and malicious acts.
12.2. • Network logins provide a means of logging activity on the network and either preventing or allowing access to resources.
12.3. 2.Complexity - Include letters, numbers, symbols, and punctuation
12.4. Screensaver required password
12.4.1. 3.Variation - Change passwords often. Set a reminder to change the passwords you have for email, banking, and credit card websites on the average of every three to four months.