Академический Документы
Профессиональный Документы
Культура Документы
Chapter 2
Desktop Security
Objectives
• Social engineering
• Password guessing
• Physical theft or lost data
• Improper use of recycled computers
• Password
– Secret combination of letters and numbers that
validates or authenticates a user
• Characteristics of weak passwords
– Passwords that are short
– Common word used as a password
– Using the same password for all accounts
– Personal information in a password
• Brute force
– Attacker attempts to create every possible password
combination
• Dictionary attack
– Attacker takes each word from dictionary and
encodes it
– Attacker then compares the encoded dictionary
words against those in the encoded password file
• Patch software
– Software security updates
• Microsoft Windows operating system
– Most frequently distributed patch software
• Microsoft
– Releases patches on second Tuesday of every
month
– Typically releases 5-15 software patches for
download and installation
• Device lock
– Consists of a steel cable and a lock
– Economical, simple and quick to install
– Very portable
• Stealth signal transmitter
– Software installed on laptop that cannot be detected
• Encryption
– Changing original text to secret message using
cryptography
• Decryption
– Changing secret message back to its original form
• Digital signature
– Code attached to an electronic message that helps
to prove that
• Person sending message with public key is not an
imposter
• Message was not altered
• Message was sent
– Encrypted hash of a message that is transmitted
along with message
• Hash
– Creates encrypted text that is never intended to be
decrypted
– Used in a comparison for authentication purposes
• Most vendors
– Provide an automated wizard that guides user
through process of restoring files
• After any successful attack
– Analyze why attack got through defenses
• Malicious software
– Programs designed to break into or create havoc on
desktop computers
• Social engineering
– Relies on trickery and deceit
– Is considered a basic attack
• Patch software
– Describes software security updates
• Strong passwords
– Important defense mechanism against attackers
• Important to perform regular data backups
• If a computer becomes infected with malware
– Remove computer from network
– Try to reboot computer