View
404
Download
0
Category
Tags:
Preview:
DESCRIPTION
discuss about computer security. reference: comptia a+ book.
Citation preview
Physical Security and Digital
Security
MOHAMAD ZAWAWI BIN MAH HASAN
MUHAMMAD AZIZIE BIN MEZELAN
Physical security
Description
Physical security, as the name implies,
involves protecting your assets and
information from physical access by
unauthorized personnel.
In other words, you’re trying to protect
those items that can be seen, touched, and
stolen.
Physical security
Lock Door – one of the easiest way to
prevent those intent to creating problems
physically entering your environment is to
lock your doors and keep them out.
Securing physical
documents/password/shredding – in high
security and government environment,
sensitive papers should be either shredded
or burned.
Physical security
Biometrics – physical characteristic to
identify the user.(fingerprint, palm, hand
scanner, retina scanner, and soon, possibly,
DNA scanner)
Badges – can be any of form of
identification intended to differentiate the
holder from everyone else. Eg: name badge
or photo ID.
Physical security
Key Fobs – are named after the chains that
used to hold pocket watches to clothes.
RFID Badges – is a type of badge or card
that give you access to resources, including
buildings, parking lots and computer.
Physical security
RSA token – are anything that user must
have on them to access network resources
and are often associated with devices that
enables the user to generate one-time
password authenticating their identity.
Privacy Filters – either film or glass add-ons
that are placed over a monitor or laptop
screen to prevent the data on the screen
from being readable when viewed from the
sides.
Physical security
Physical security
Retinal – one form of biometric device that
can be used to identify user.
– Matches are made based upon identification of
the blood vessel in an individual retina.
– Rather expensive.
Tailgating – refers being so close to
someone when they enter a building that
you are able to come in right behind them
without needing use a key, a card, or any
other security device.
Digital Security
Description
Focused on keeping harmful data and
malware out as well as on
authorization and permissions.
Focused on:
• antivirus software
• Firewalls
• Antispyware
• User authentication/strong passwords
• Directory permissions
Why do we need Digital Security?
• Within our society, there
are people who are
dishonest and we
must take
precautions, just like
we do when we lock
our doors, to make
sure our digital
information and
equipment are
protected!
Digital Security
Anti-virus Software Operation:
Run in the background at all time
Update the virus definition to recognize new malicious software
Signature-based detection involves searching for known patterns of data within executable code
Generic-based signature are being used to detect new virus by looking for malicious code/slight variants of code in file and will be test in sandbox to see if it performs any malicious actions.
Digital Security
Anti-virus Software Example:
AVG
Avira
Avast
Eset NOD32
Panda
Digital Security
FIREWALL• Device that provides secure connectivity between networks
(internal/external; varying levels of trust)
• Used to implement and enforce a security policy for communication between networks
• Separate local network from the Internet
Trusted hosts and
networks Firewall
RouterIntranet
DMZ Demilitarized Zone:
publicly accessible
servers and networks
Digital Security
FUNCTIONS OF FIREWALL
Restrict incoming and outgoing traffic by IP
address, ports, or users
Block invalid packets
Digital Security
Antispyware
Just as antivirus seeks out and stops viruses from
entering and spreading
Purpose of antispyware software
The OS from Microsoft are the one most affected
by spyware, and Microsoft has released
Windows Defender and Security Esentials
Digital Security
User authentication/strong passwordsA strong password is a password that meets the following guidelines:
- Be seven or fourteen characters long, due to the way in which encryption works. For obvious reasons, fourteen characters are preferable.- Contain both uppercase and lowercase letters.- Contain numbers.- Contain symbols, such as ` ! " ? $ ? % ^ & * ( ) _ - + = { [ } ] : ; @ ' ~ # | \ < , > . ? /- Contain a symbol in the second, third, fourth, fifth or sixth position (due to the way in which encryption works).- Not resemble any of your previous passwords.- Not be your name, your friend's or family member's name, or your login.- Not be a dictionary word or common name.
Digital Security
Directory permissions
Can do to improve or change the security of the
directory services deployed.
Can ensure that they don’t become a tool for
an attacker bent on compromising
organization’s security
Thank You
Recommended