CompTIA IT Fundamentals FC0-U61 – IT Security Threat Mitigation

  1. Physical Security

That means you need to recognize the types of threats out there, what the bad guys might try to do to get through your security. These include the obvious stuff like smashing a window and flat-out stealing from you. But it also means other things, like piggybacking on your Wi-Fi without permission. Plus, because we live in an online world, a lot of local security gets threats from network sources. That means the line between local security and network security blurs. It’s complicated and easier to show than tell. So let’s take a little trip. Hello, this is utilities Dwight speaking. Hi, Dwight. This is Jim from the It Department. We’re doing a companywide password reset, so we need to get everyone’s old password in order to reset them. You’ll get a password reset notification when you log in tomorrow. Sure thing, Jim. My old password is bears beats Battle star Galactic. That’s all lower case with no spaces. Thanks a bunch, Dwight. We’ll get that changed right away.

Bears beats a man tells his password to his company’s It department seems harmless enough. They say that a trusting nature is a virtue. But they also say that a sucker is born every minute. We’d all like to think that pale hackers typing away in Dank basements pose the greatest threat to our networks. It’s an evil we can understand, a threat that feels contained. But we live in a world where evildoers prey on our virtues, turning them against us. Telephone scams like the one you just witnessed, or phishing attacks using email pervert our willingness to be agreeable and trusting. Malicious elements pretend to be trusted authorities in the hopes that users will willingly hand over precious passwords. And users do. It turns out that we are the greatest threat to our networks.

It’s just the sort of twist you’d expect in the social engineering zone. You might feel comfortable leaving your office computer unattended and unlocked. After all, your coworkers are trustworthy, aren’t they? However, on gaining access to a secure building, all a Tailgator has to do is wait for someone to take a bathroom break. To gain complete access to an otherwise impenetrable network, consider it vital to lock your computer when you walk away from it, even if it’s just for a short time. Also, make sure your user account is password protected. If you think that locking your computer is a sure protection against wrongdoers, think again. Why wait for you to get up for a break when it’s just as easy to stand behind you and watch over your shoulder? They’ll watch you as you type passwords, access secure documents, and communicate with other employees.

Always make sure there’s not a stranger shoulder surfing behind you. If the prospect of looking over your shoulder all day sounds onerous, invest in a screen filter, which makes it impossible to see what’s on your screen unless you’re right in front of it. Even the most tightly controlled offices often have an Achilles heel dumpster diving criminals are a shameless and stinky lot.

Not at all above digging through trash to find sensitive information. Companies have toppled individuals, have had identity stolen, all by being careless with their refuse. Make sure to shred any trash that you don’t want prying eyes to see. After all, one man’s trash is another man’s treasure. We often find it comforting to ignore the dangers that surround us on all sides. The world we live in, however, will brook no such fictions. The unaware and the naive become victims of wily, ruthless criminals who forever stalk the social engineering zone. Thank you.

  1. Dealing with Malware

Malicious software or malware from online sources presents a clear and present danger to every modern computer user. Unsavory programmers want your money, your personal information, and your computing power. This is bad news all the way around. Previous episodes have covered online threats such as spam and email phishing. This episode explores a few particularly virulent forms of malware, symptoms of a malware infestation, and actions for dealing with the everpresent threat. Spyware gathers information about system usage. As the name would suggest. Spyware generally installs as part of some otherwise benign program or media.

Some spyware collects information about websites you visit or things you purchase. The more vicious kind, like key loggers literally report the keystrokes you make, including credit card numbers, personal identification numbers, expiration dates, and login information. Ransomware installs on a computer and at a predetermined time, locks up the data.

Some will encrypt the entire contents of a hard drive. The ransomware will have some kind of payment mechanism demanding money in exchange for access to your data. This is extortion, plain and simple. Ransomware often piggybacks on infected zip files attached to email messages. The most obvious sign of a malware infestation is a buggy computer, excessive CPU usage, and network traffic, even when you’re not actively doing anything that would strain the computer. Unfortunately, misbehaving hardware can cause the same kind of behaviors.

How can you know the root cause of the problems? Scan the system with antimalware software. Protecting against malware starts with keeping the operating system up to date. Both Windows and Mac OS do this automatically as long as the machine is connected to the Internet. The CompTIA it fundamentals exam will ask about manually updating operating systems, which we used to do for earlier versions of Windows. Run antimalware software regularly. We’ve discussed Windows Defender in a past episode, so I won’t reprise it here. But you can also install third party antimalware applications. Keep the definition files updated so the programs know the latest malware the exam might ask about.

Antivirus programs treat these older applications like modern antimalware software. Keep both the applications and definition files updated. Recovering from a malware attack follows five steps recognize, Quarantine, search and destroy. Remediate educate. Recognize the symptoms of an infected computer. It was working fine one day and then poorly the next day after some heavy web surfing by your nervous looking nephew who stopped by to visit quarantine the computer. As soon as you suspect something disconnect from any networks, run antimalware software to search and destroy any malware found on the system and to remediate restore any lost files or corrupted operating system files. Finally, educate all users of a system about the perils of clicking on unknown files or going to dubious websites.

  1. Password Management

A key goal in local security. The fancy word of the day is authentication. When you log into a computer with a username and password, you authenticate the computer requires you to know something, you provide that information correctly, and you have access to the computer. Got it. That something you know is typical single factor authentication. Multifactor authentication provides much better security, but it requires more than one thing.

Accessing an automated teller machine to pull some cash for the evening requires an ATM card. That’s something you have. And a personal identification number. That’s something you know. With personal computing devices, we’re generally stuck with single factor authentication through a password. So you need to make your password something special and secure o determine what makes a good password. Let’s play lamer game. Welcome to Lamer game. What makes a good password? Our first entry is 12345. Well audience lamer game. Right.

It’s too short at only five characters, and it’s the default password for every piece of luggage made since 1963. Let’s try another. Belvedere an excellent name for a dog.

Audience lamer game. Game. It’s longer at nine characters, which isn’t bad, but easily identifiable names are right out the window. Here’s a better 144 sticks with dollar signs for the S’s. Lame or game? Game. That’s a tough one. It’s eight plus characters, upper and lowercase letters, numbers and symbols. That was the industry definition of a good password for a very long time. Let’s do one more. I had a farm in Africa in 1965. Well audience lamer game. Totally game long, easy to remember for user and a mix of cases, numbers and symbols. We have a winner. Thank you for playing way more game.

  1. Clickworthy

You need to know key indicators of safe websites and email messages, and definitely spot key factors of dangerous websites and email. So to determine safe from unsafe, let’s play clickworthy in. clickworthy. We look at email messages and websites, and you, the audience, decide whether or not those links are clickworthy. Let’s play. And let’s start with email. Our first entry is from True Dog Breast Spray, asking us to buy this amazing product.

Audience clickworthy. Yes. No. Unsolicited email messages bam are pretty easy to spot. Unknown source asking for money. Bad news. Let’s try another. Oh, here’s a message from mom that has a subject line. This is great. And only a link to a picture in the body. Audience clickworthy right. It’s relatively easy to fake or spoof an email address. You can contact the sender if you think the message might be legit. Here’s another a message from your cousin Shirley announcing little Jimmy’s graduation and with a link to the commencement site. Audience clickworthy. That’s right. An expected message from a known source.

That’s a safe one. Let’s hit a couple of websites now. Hey, this pop up just appeared saying my drivers are out of date and my computer is at risk. Click here to download updated drivers. Audience clickworthy. No. Absolutely not. Don’t click these fake security messages at all. Anywhere. The entire pop up could put your computer at risk.

In Windows, press Alt plus F Four to force quit a browser to clear the screen safely. In macOS, press Command plus Q to do the same thing. Here’s another you read in a reddit forum about a great site for downloading the latest movies for free. And there’s a link. Audience clickworthy. No. Piracy sites are generally bad news, and not just because of the legal issues. Stay away. Let’s do one more. You googled a name you heard recently, joshua Johnson, and the first link points to the National Public Radio website Npr. org. Audience clickworthy yeah. Yes. We have a winner. A known site is most likely a safe site. Thank you for playing collect worthy.

  1. Perils of Public Internet

Wherever they can find WiFi and check email and social media, like Facebook or Twitter. People observe the news, check the traffic, check the weather. This is how we roll. For the most part, people use their private devices smartphone, tablet, laptop. The way to protect an individual in such a public venue is Https.

The hypertext transport protocol, with the addition of secure protocols such as SSL and TLS, enables you to connect to a website or other internet server for email and social media, for example, with some surety that the communication won’t be crackable. When you set up the email client on a portable device, you have an option to insist the connection with your email server use encryption. Most clients do this today by default. Look at this screenshot of Mozilla Thunderbird, an excellent free email client.

When setting up a new account, it defaults to IMAP rather than pop three secure rather than unsecure for getting messages. That’s the incoming part. It’s also defaults to start TLS for outgoing messages, a version of TLS for security. For a website, you can specifically type Https rather than Http in the URL.

This will enable you to connect using proper encryption, a scrambling of the signals so that it can’t be nabbed by thieves. If you need to use a shared Internet connection, like a kiosk at a public library or convention floor, assume that this connection has negative security. That means that the machine you’re using very much could have keylogging software installed that will track what you type. If you access email, webmail, any website that requires you to put in a username or password, that personal information may be compromised by bad guys.

  1. AMA – Ask Me Anything About IT Threat Mitigation Part 1

I wanted to take some time to hear from you and answer questions you might have on it fundamentals or computer literacy. So that’s why we put together these Ask Me Anything episodes. My friend Aaron is going to ask questions about stuff in this chapter from viewers like you. I also want to hear from you as well. My email is at the end of the episode ask Me Anything. Jennifer from Columbia, this, Ohio asks, is there a software I can use to store my passwords?

Yes, there are several different types of commercial software out there that will enable you to store passwords for all kinds of things. One of the biggest is from Apple called Keychain. And Keychain will store your passwords to your iOS devices, to Apple products, to other products as well. Most web browsers also will store passwords, which is incredibly convenient because when you’re logging into accounts on Amazon, on Google, on all these different websites, there’s too many passwords, right, and names to remember. So the browser will store all that information for you so you don’t have to retype it every time. Okay, and is that safe to keep all of your passwords safe? That’s a good question, Aaron.

Yes, it’s safe, right. As long as you’re the only user of that computer and you’re there and you’re logged in and all that stuff, it’s perfectly safe. Okay. Where it becomes not safe is if you have multiple users of that computer to make sure that other users don’t have access to your passwords and your websites and who you are. Essentially, as far as the Internet is concerned, you need to log off. Always log out. Right. Log off. Log out when you walk away from your computer.

Okay, that’s easy enough, right? And Katie from Houston, Texas says, my laptop was stolen from my car last week. How can I get my back my licenses? That’s a tough one. It depends, right? It depends on how you acquired your software. If you have things like Microsoft Office 365 that requires a subscription with Microsoft, you just go to another computer, log into your account on Microsoft, and deactivate the software that was on the stolen machine. Okay.

You can do this on most Apple products, too, for that matter. And, like, big programs like the Adobe Creative suite. Great. If, on the other hand, you bought commercial software that you installed from a disk or something like that, you’re probably out of luck. Luckily, most software these days comes from downloads and you might be able to just download and reinstall using the same information, login information. Okay, good to know. Michael from Anaheim, California wants to know, can I set up my own lockout timeout options? Absolutely, yes, you can. This is true in Windows and Mac OS and Linux for that matter. Every device, whether it’s a desktop computer, a laptop or a handheld device, has a certain logout time by default. Okay? Right. But you can go into Settings, which is pretty much the universal name for the app in all of these different devices, and just change the logout time. In fact, for example, on this tablet, because it’s a mobile device on a battery, it has a certain, like a short, like a two minutes and then it’ll log on. Right? Yes. Like phone, just to save battery life. Because you’re sitting here with this device in your hand for five minutes, ten minutes, 20 minutes. However long we run, we didn’t want it to turn off. So you change. So we changed the timer on Air.

Yeah. Okay, well, thank you for that. Excellent. Does get annoying. A. J. From Milwaukee asked, what is local encryption and why would I ever need to use it? Wow. Great question, AJ. Let’s talk about encryption first. Okay. Encryption is where we take a file or folder and transform it in a way that, unless you have the proper decryption key, you can’t read that file or folder information. Nice. Okay. We use this all the time. We use it in wireless communication. For example, when we’re making connections over your mobile device, those connections are encrypted. When you log into Amazon and make purchases, that information is also encrypted. Good, right? Yes, it’s great. Otherwise people could get a hold of your stuff. Local encryption is different. Both Windows and macOS enables you to do local encryption just like a right click and say, encrypt this file or folder. What that does, in effect, is for the user, whoever’s logged in and encrypts that file. It acts and smells like a normal file.

You can open it, you can modify it, you can save it. Right. Where it becomes incredibly powerful is when you have a shared computer. The other users, once you’re logged off, they log in. They might be able to see the file name or folder name, but they won’t have any access to the contents of that file or folder. Windows will simply laugh at them. How tricky. Right. And this is also incredibly important with laptops, because what happens if you’re at a cafe and you walk away or your laptop gets stolen? Yes, a technical user, a tech, can rip the hard drive out of that laptop, plug it into another system, and have access to all the files and folders in that laptop. I don’t want that. Right, but if you’ve locally encrypted, the thief will not have access to the things that are encrypted. Encrypt your stuff. Encrypt your stuff. But this also means that if you lose your password or you need to create a new account or something like that, you won’t have access to those encrypted files. So be careful with it. Use it on things that are very important. Okay, I understand. And that’s all we have for chapter eleven. Thank you, Scott. Thanks.

  1. AMA – Ask Me Anything About IT Threat Mitigation Part 2

I wanted to take some time to hear from you and answer questions you might have on it fundamentals or computer literacy. So that’s why we put together these Ask Me Anything episodes. My friend Aaron is going to ask questions about stuff in this chapter from viewers like you. I also want to hear from you as well. My email is at the end of the episode ask Me Anything. I recently got a new Windows laptop, and I want to change my browser homepage. How should I do that? It’s actually fairly easy to do in whatever browser you’re using a new Windows laptop.

That means your default browser is going to be Microsoft Edge, and your default homepage is going to be Bing, which is a nice search engine. But if you want to change that to something you’re more comfortable with, like Google, right. You can do this pretty easily through the browser’s settings. Getting to Settings is different among the different browsers, but it’s usually, oh, I don’t know. In Edge, for example, there are three little dots arrayed horizontally in the top right corner. Yeah. Click that and go to Settings, and you can make changes to your home page. You can set it to be a blank page. You can set it to be Google a specific page. You can even have it be multiple pages. Oh, wow. Right? Cool. In Google Chrome, you even have an option for there’s a home button on the screen that you can have enabled that’ll take you to one place, and then you can also have, when I first opened my browser, take me to a totally different website. Yeah. So it’s powerful and flexible. Okay, good to know.

Well, next, Chris from Baton Rouge asks, what is a firewall, and should I have one? Wow. Great question, Chris. A firewall stops bad people and bad things from coming into your system and doing bad things. Right. The beauty is, every computer these days has a firewall built in. Nice. And that’s Windows Mac OS. All your mobile devices. We used to have to buy expensive third party firewalls and to protect ourselves from any protect any Internet capable machine from getting infected and stuff. But now Windows Firewall, the firewall built into macOS, these are all powerful enough to stop bad things from just coming into your system. So we do make changes to the firewall with programs that are Internet aware. For example, they’ll need to have some sort of access. Let me give you an example. I just downloaded Track mania and installed it in my system. Track Mania is a virtual racing game that has crazy tracks and crazy physics that are almost physics, but it enables me to race against people on these crazy tracks all over the world.

So because it’s an Internet aware application, so when I installed it, it immediately popped and said, hey, do you want to make a hole in the firewall? Do you want to make an exception. That’s the technical term. And if I wanted to play with others right over the Internet, my answer had to be yes. Right. So firewalls are good, powerful. They can be adjusted. So there you go. Great. Well, there you go. Here’s a question from Seria in Buffalo, New York. She wants to know, what does ransomware mean? And if I pay, will I get my files back? Ransomware. Ransomware is like the nastiest malware on the planet right now, here’s how ransomware works. You’ll get some sort of file and you’ll click on it, usually an email attachment or something like that. And the file will contain a payload fancy technical term for program that runs automatically and will encrypt all the files and folders on your computer and then give you a little message at the top saying, pay up.

Send money to this to this email, or you can’t have any of your files back. That’s terrible. It’s totally terrible. Back in 2017, like, many countries in Europe, were hammered by ransomware attacks. And the sad part is and this goes to the second part of her question the companies that did pay the ransom, they paid to an email account that within a day or so had already gone down and was useless. And so they spent money, and did they get their files back? No. No. Wow. Yeah. So this kind of takes us all the way back to chapter eight, right. To protect yourself against a potential ransomware attack and losing access to all of your files forever. Keep a backup. Keep a backup. That’s right. Absolutely right. There you go. Okay. Well, next I would like to tell you a personal story.

Okay. A while back, I got a virus on my computer. Oh, no. And it completely destroyed my Internet surfing capabilities. It slowed it down. There were tons of advertisements on every page to where I couldn’t even navigate. Yeah. So what should I do? Well, the first thing to do in case of an attack like that is to disconnect, right. Is to quarantine your system so that it’s not able to infect any other computers. The next step is to run some software to be able to search and destroy whatever bad thing has happened. And this will differ depending on the operating system that you’re using.

So in macOS, for example, you would go to a specific website, download some software, or just run the check from that website. That would clean your system up for you. Okay. That works because Macs are very tightly controlled systems, right. So Apple will protect you from yourself right. On Windows machines, because that’s much more wild and woolly world out there. You have a bunch of different options. You could get third party software like McAfee or Norton Anti Malware and run it from boot to it, essentially, to a disk, and then run the anti malware software to scan your system, find the bad things, and get rid of them. I see. Okay. If you want to go a little geekier, you can either make one yourself or get a friend to make one for you. A bootable thumb drive that runs some version of Linux and run anti malware software, like malware bytes from that bootable thumb drive. So you boot to it boot up into Linux. Okay, this is getting geeky, right? Call a friend. Call a friend. That’s right. Absolutely. It’s good. You have options, at least. You have options. That’s good. Well, now on to a question from Adam in Orlando. Should I download a plug in and how do I delete it? Okay, Adam, you have a browser installed.

You already have plugins. Yeah, they come with them. Default, for example. Google Chrome comes with ad block. Okay. Right. So it stops some of the more annoying ads that are out on the Internet just by default. You can also download extensions to do specific things. I needed to capture a bunch of screens, motion captures on a website that I was working with, because I wanted to be able to show this in a YouTube video. And so I downloaded an extension to Chrome that basically added a little button to the top of my screen that I just clicked it and it started recording. Yes. I was able to very easily capture screens on my Windows system when I was done. I then wanted to uninstall it because having extra stuff on your system eventually slows things down. So just going into the settings in Chrome or Edge or whatever browser you’re using, you can very easily disable, deactivate, uninstall. All the extensions will be listed right there. Air with a little option saying get rid of it. Nice. Easy as that. That’s easy. Well, that’s it for chapter twelve. Thank you, Scott.

img