1 / 28

Cyber Patriot Training

Cyber Patriot Training. Ken Dewey Rose State College. Local Security Policy . What is it? Used to directly modify account and local policies, public key policies and IP security policies for your local computer Where is it?

curt
Télécharger la présentation

Cyber Patriot Training

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cyber Patriot Training Ken Dewey Rose State College

  2. Local Security Policy • What is it? • Used to directly modify account and local policies, public key policies and IP security policies for your local computer • Where is it? • Start > Control Panel > Administrative Tools > Local Security Policy

  3. Local Security Policy • What should I look for? • Default User Rights, Security Templates, Password Policies, etc • More information • http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/lpe_topnode.mspx?mfr=true

  4. Local Security Policy

  5. User & Group Configuration • What is it? • Policy is typically assigned at the group level and then users are assigned into groups. It is very important that your groups are configured correctly and your users are in the appropriate groups. • Where is it? • Start > Control Panel > User Accounts

  6. User & Group Configuration • What should I look for? • Users in correct groups for their job, all users have password protected account, etc • Guest account turned off • More information • http://support.microsoft.com/kb/307882 • http://www.kellys-korner-xp.com/xp_groups.htm

  7. User & Group Configurations

  8. BackDoor/Virus/Malware • What is it? • A malicious program that allows a computer to be remotely controlled or exploited • Where is it? • Can be anywhere on your computer (memory, harddrive, registry, flash drive, etc)

  9. BackDoor/Virus/Malware • What should I look for? • Look for files and folders that do not belong. Start in the root of C:\ and comb through the file system. Bogus file extensions, files with no name or a garbled name, files that should be small but are huge, etc. • More information • http://www.wikihow.com/Remove-a-Virus • http://news.frbiz.com/windows_system_the_virus_most-275070.html

  10. Installing Anti-Virus • Microsoft Security Essentials • Sufficiently protects computer from malicious attacks, and roots out viruses • After downloading/installing be sure to update the software

  11. Installing Anti-Virus

  12. Installing Anti-Virus Update the MSE Virus Database, and Spyware Database

  13. Enable Windows Firewall • Enable Windows Firewall • Start > Control Panel > Windows Firewall

  14. DNS • How to check DNS configuration • Host file • C:\windows\system32\drivers\etc • DHCP • Check via ipconfig /all

  15. Task Manager vs. Process Explorer • Malicious Processes can be executing on the computer • Windows Task Manager shows processes • Process Explorer shows a more detailed analysis of what is running on computer

  16. Task Manager vs. Process Explorer

  17. Task Manager vs. Process Explorer

  18. File/Folder Permissions • What is it? • The guidelines on who should be able to and how they should be able to access any particular file or folder. • Where is it? • Right click any file or folder > Properties > Sharing and Security tabs

  19. File/Folder Permissions • What should I look for? • Folders that are shared that don’t need to be, folders that have full permissions for all users that don’t need to be, etc • More information • http://articles.techrepublic.com.com/5100-10878_11-5308684.html

  20. File/Folder Permissions

  21. Vulnerable Services • What is it? • Services are programs that run in the background and perform a specific task. • Where is it? • Start > Run > Services.msc

  22. Vulnerable Services • What should I look for? • Services running that don’t need to be (Telnet, SSH, etc) • More information • http://techrepublic.com.com/i/tr/downloads/home/windows_xp_services_that_can_be_disabled.pdf

  23. Vulnerable Services

  24. Vulnerable Services

  25. Patching & Updating • What is it? • Patches are updates to your operating system (or some program) that add functionality, fix bugs/errors/security holes, etc • Where should I look? • Start > Windows Update

  26. Patching & Updating • What should I look for? • Make sure that you have all the latest updates and service packs. • More information • http://update.microsoft.com

  27. Patching & Updating

  28. Patching & Updating

More Related