Security & Organization–NETWORKING, SECURITY, & MORE ESSENTIALS—CompTIA A+ (220-1001) A-PLUS Certification Prep Course Notes

Securing Computers

• Threats
  • The term “security” encompasses host- and network-based security, and physical security.
  • Common threats include man-in-the-middle attacks, DoS, and DDoS attacks.
  • Symptoms of such attacks (Flags!) include renamed system files, missing files, & more.
  • DoS–Denial of Service; DDoS–Distributed Denial of Service.
  • Zero Day–a new threat that no one has seen before.

• Dealing With Threats
  • Host-based security includes patching, anti-malware, and a firewall.
  • Network-based security includes IDS, IPS, & firewalls.
  • UTM (Unified Threat Management) includes IDS/IPS, firewalls, and anti-malware; available in the cloud.
  • IDS–Intrusion Detection Systmes
  • IPS–Intrusion Prevention Systems; these systems are more active!
  • Endpoint Management

• Physical Security
  • Physical security includes perimeter security, room locks, and individual device security.
  • Security guards and mantraps help perimeter security.
  • Locks, badges, smart cards, and biometrics enable room-level security.
  • Device security devices include server locks, USB locks & screen filters.
  • Key fobs
  • Hardware tokens

• Passwords & Authentication
  • Modern password security relies on passwords and hashes.
  • Methods for cracking passwords and hashes include brute force, dictionary attacks, and rainbow tables.
  • Protect with best password practices, such as upper- and lower-case letters, numbers, and non-alphanumeric passwords; long passwords help too.

• Malware
  • Worms propagate via networking.
  • Trojan horses masquerade as benign programs, but carry a payload for later.
  • Ransomware attacks/locks down systems in exchange for money.
  • Malware infestations manifest as browser redirection, application crashes, update failures, & more.

• Anti-Malware Practices
  • Prepare for malware attacks with good backups, end-user education, and firewalls.
  • Use secure DNS options, such as a trusted third-party site & encryption.
  • Memorize the CompTIA A+ seven-step malware-recovery process.
    • 1). Identify and research malware symptoms.
    • 2). Quarantine the infected systems.
    • 3). Disable System Restore (in Windows).
    • 4). Remediate the infected systems.
      • 4a). Update the anti-malware software.
      • 4b). Scan & use removal techniques (safe mode, pre-installation environment)
    • 5). Schedule scans & run updates.
    • 6). Enable System restore; also and create a restore point (in Windows).
    • 7). Educate the end user.

• Social Engineering
  • Social engineering enables bad people to use information from people inside to gain access to sensitive information.
  • Social engineering attacks include telephone scams, tailgating, shoulder surfing, and dumpster diving.
  • Phishing and spear phishing attacks seek personal or financial information with targeted scams.
    • Phishing is directed towards anybody; spear-phishing is directed towards a specific person, usually large, corporate types.
  • Social engineering is the use of deception to get people to give away info that they normally wouldn’t give away.

• Licensing
  • EULA describes what users can do with licensed software.
  • DRM controls what users can do with some content.
  • Producers retain all rights to commercial software.
  • Open-source software enables users to change or modify the software.
  • “An Open Letter to Hobbyists” -Bill Gates, 1976
  • Required licensing fee for the BASIC programming language.
  • GNU GPL–GNU General Personal License

• Incident Response
  • Techs need to understand & implement proper incident response.
  • Know your responsibilities
  • Identify the problem through reporting, preservation, and documentation.
  • Exercise proper chain-of-custody procedures.

• Environmental Controls
  • Check the MSDS (Materials Safety Data Sheet), for any spills or problems with equipment.
  • Monitor temperature & humidity levels.
  • Ensure proper ventilation.
  • Employ surge suppressors & UPS backup devices.
  • Clean systems with compressed air & specialized vacuums (anti-static vacuums).

Getting Organized

• Documents You Need To Know
  • Document network assets through logical & physical diagrams.
  • Access good online sources for information, such as the Microsoft Knowledge Base, AWS Documentation, Cisco.com for their documentation, etc.
  • Organizations follow rules for regulatory compliance.
  • Know these terms:
    • Network topology diagrams (how you document computers, routers, switches, printers, etc.)
    • Logical diagrams
    • Physical diagrams (i.e. floor plans)
    • A.U.P. (Accepted Use Policy)
    • Password Policies
    • Inventory Management–asset tags, barcodes, etc.

• Data You Need To Know
  • Protect P.I.I. (Personally Identifiable Information) such as social security numbers, address, & so on.
  • Strict laws govern what organizations can do with P.H.I. (Personal Health Info) such as medical records.
  • The GDPR (General Data Protection Regulation) in the European Union specifies how & what data online organizations can get from visitors.
  • The payment card industry follows the PCI DSS (Payment Card Industry Data Security Standard) to ensure security of financial interactions.

• Change Management
  • Change Management enables organizations to update systems safely & methodically.
  • CompTIA A+ techs understand the change management process.
  • Change management follows clear steps, from the change board to enacting changes to documenting all changes.

• The Zen of Backup
  • Disaster recovery starts & ends with restorable backups.
  • File-level backups provide good protections for data.
  • Image-level backups enable full system recovery quickly.

• Recycling & Data Destruction
  • Take old computing parts, like toner cartridge & monitors, to recycling centers.
  • Reset all smartphones & tablets before reselling or donating.
  • Run drive-wiping software or physically destroy all mass media drives when disposing of them.