Chapter 27

Securing Computers

1
Episode: Threats

Core 2: 2.1 Summarize various security measures and their

purposes.
Objective(s): Core 2: 2.4 Explain common social-engineering attacks, threats,
and vulnerabilities.
Core 2: 3.2 Given a scenario, troubleshoot common personal
computer (PC) security issues.

2
Episode Description

You can’t protect your networks unless you

understand the threats they face. Using the
concept of security shells makes it easier to
categorize and mitigate threats.

3
Key Terms
• 2:07 - Objective term - Man-in-the-middle (on-
path) attack
• 3:30 - Objective term - Spoofing
• 4:26 - Objective term - Denial of Service (DoS)
• 5:25 - Objective term - Distributed Denial of
Service (DDoS)
• 5:51 - Zombie
• 6:46 - Objective term - Zero day
• 7:47 - Objective term - Renamed system files
• 8:13 - Objective term - Disappearing files

4
Quick Review
• The term "security" encompasses host-
based, network-based, and physical
security
• Common threats include man-in-the-middle
(on-path), Denial of Service (DoS), and
Distributed DoS (DDoS) attacks
• Symptoms of such attacks include
renamed system files, missing files,
and more

5
Episode: Dealing with Threats

Core 1: 2.4 Summarize services provided by networked hosts.

Core 1: 2.8 Given a scenario, use networking tools.
Objective(s): Core 2: 2.3 Given a scenario, detect, remove, and prevent malware using the
appropriate tools and methods.
Core 2: 2.4 Explain common social-engineering attacks, threats, and
vulnerabilities.

6
Episode Description

Once you understand threats, you can

mitigate those threats by reducing
vulnerabilities. This episode covers the core
tools and actions you must do as a tech to
reduce threats. These tools and actions
include patching software, running anti-
malware, and installing firewalls and
intrusion detection/prevention systems.

7
Key Terms
• 0:47 - Objective term - Patch your system!
• 1:43 - Objective term - Run anti-malware and
antivirus
• 1:58 - Objective term - Run a host-based
software firewall
• 2:41 - Intrusion detection systems (IDS)
• 3:43 - Intrusion prevention systems (IPS)
• 5:02 - Endpoint management
• 5:55 - Objective term - Unified Threat
Management (UTM)

8
9
Quick Review
• Host-based security includes patching,
anti-malware/antivirus, and firewalls
• Network-based security includes
intrusion detection (IDS), intrusion
prevention (IPS), and firewalls
• Unified Threat Management (UTM)
includes IDS/IPS, firewalls, and anti-
malware all in one and is often available
in the Cloud

10
Episode: Physical Security

Core 1: 3.4 Given a scenario, install and configure motherboards,

central processing units (CPUs), and add-on cards.
Objective(s): Core 2: 1.7 Given a scenario, apply application installation and
configuration concepts.
Core 2: 2.1 Summarize various security measures and their
purposes.
Core 2: 2.6 Given a scenario, configure a workstation to meet
best practices for security

11
Episode Description

Secure your assets in three layers:

perimeter, rooms, individual devices. Mike
explores options for each layer, from
security guards at the perimeter to cable
locks on individual devices.

12
Key Terms

• 1:35 - Objective term - Security guard

• 2:00 - Objective term - Mantrap (access
control vestibule)
• 2:41 - Objective term - Locking doors
• 2:51 - Objective term - Need a key
• 2:53 - Entry control roster

13
Key Terms

• 3:25 - Objective term - Badge reader

• 3:26 - RFID-chips embedded in badges
• 3:54 - Objective term - Smart card
• 4:12 - Objective term - Biometric
scanners/locks
• 4:52 - Objective term - Cable locks to
secure hardware

14
Key Terms

• 5:20 - Objective term - Server lock

• 5:50 - Objective term - USB locks
• 6:26 - Privacy screens
• 7:05 - Objective term - Key fobs
• 7:15 - Objective term - Hardware token/
Hardware Security Module (HSM)

15
 Mantrap (Access Control Vestibule)

Source: https://www.newtonsecurityinc.com/datacenter_landing.html

16
Quick Review
• Physical security includes perimeter
security, room locks, and individual device
security
• Security guards and mantraps help
perimeter security
• Locks, badges, smart cards, and biometrics
enable room-level security
• Device security devices include server
locks, USB locks, and screen filters

17
Episode: Passwords and Authentication

Core 2: 2.1 Summarize various security measures and their

purposes.
Objective(s): Core 2: 2.4 Explain common social-engineering attacks, threats,
and vulnerabilities.
Core 2: 2.6 Given a scenario, configure a workstation to meet
best practices for security.

18
Episode Description

Password security can be compromised by

many attack types, such as brute force,
dictionary, and rainbow tables. This episode
explores options for creating very secure
passwords and using multifactor
authentication.

19
Key Terms
• 0:55 - Hash
• 3:37 - Objective term - Brute-force
• 5:44 - Objective term - Dictionary attack
• 7:16 - Rainbow tables
• 9:09 - Objective term - Password best
practices
• 9:13 - Objective term - 1. Set strong
passwords

20
Key Terms
• 9:16 - Objective term - Make complex
passwords with upper- and lowercase letters
and use different character types
• 9:36 - Objective term - Looooong passwords
• 10:37 - Objective term - 2. Password
expiration
• 10:54 - Objective term - (Also...make sure
your employees aren't taping their passwords
to their monitors...)

21
Key Terms
• 11:22 - Objective term - 3. Require
screensavers with password login on desktops
• 11:49 - Objective term - 4. Require lock screens
with passwords on mobile devices
• 12:20 - Objective term - 5. BIOS/UEFI
passwords
• 12:36 - 6. Require passwords everywhere!
• 13:01 - Objective term - 7. Multifactor
authentication (MFA)

22
Password Cracking Websites

• How Secure is My Password?

– https://howsecureismypassword.net
• CrackStation
– https://crackstation.net/

23
Download Kali Linux

• This is a bit beyond A+ and more into

Security+, but if you’re interested in
hacking, password cracking, cyber
attacks, and more, check out Kali Linux.
You can download the iso and run it on
your virtual machine manager of choice:
– https://www.kali.org/get-kali/

24
Quick Review
• Modern password security relies on
passwords and hashes
• Methods for cracking passwords and
hashes include brute force,
dictionary attacks, and rainbow tables
• Use best password practices, such as
upper- and lowercase letters, numbers,
non-alphanumeric characters, and making
long passwords

25
Episode: Multifactor Authentication (MFA)

Core 1: 1.1 Given a scenario, install and configure laptop hardware and
components.
Core 1: 2.4 Summarize services provided by networked hosts.
Objective(s): Core 2: 2.1 Summarize various security measures and their purposes.
Core 2: 2.5 Given a scenario, manage and configure basic security
settings in the Microsoft Windows OS.

26
Episode Description

Multifactor authentication (MFA) is the

process of proving you are who you say you
are using unique identifiers that only you
have or know. This episode explores the
different options for MFA, as well as some
interesting biometrics like fingerprint, facial,
and retinal scanning.

27
Key Terms
• 0:15 - Objective term - Multifactor
authentication (MFA)
• 0:21 - Something you know
• 0:49 - Two-factor authentication (2FA)
• 0:55 - Something you have
• 1:06 - Objective term - Hardware token
• 1:13 - Objective term - Authenticator
application
• 1:36 - Something you are

28
Key Terms
• 1:40 - Objective term - Biometrics such as
fingerprint, palmprint, or retinal scanners
• 1:54 - Objective term - Facial recognition
• 1:59 - Somewhere you are
• 2:11 - Objective term - Supervisory Control
and Data Acquisition (SCADA)
• 3:17 - Objective term - OS login options
include facial recognition, fingerprint
recognition, and personal identification
number (PIN)

29
Quick Review
• Multifactor authentication (MFA) is a
mechanism to help verify access to a
particular resource using multiple forms of
proof
• MFA includes one or more of the following:
something you know, something you have,
something you are, or somewhere you are
• Modern MFA can utilize unique biometric
details, like retinal, fingerprint, or facial
scans, or even detect your exact location

30
Episode: Malware

Core 2: 2.3 Given a scenario, detect, remove, and prevent malware

using the appropriate tools and methods.
Core 2: 3.2 Given a scenario, troubleshoot common personal computer
Objective(s): (PC) security issues.
Core 2: 3.4 Given a scenario, troubleshoot common mobile OS and
application issues.

31
Episode Description

Malware comes in many forms; infestations

have many symptoms. This episode
describes malware in all its lovely shades of
ugly, from viruses and worms to
spontaneous application crashes and invalid
certificate errors.

32
Key Terms

• 1:15 - Objective term - Virus

• 2:24 - Worm
• 2:58 - Objective term - Trojan horse
• 3:42 - Objective term - Rootkit (boot
sector virus)
• 4:26 - Objective term - Ransomware

33
Key Terms

• 4:43 - Objective term - Rogue antivirus

• 5:37 - Botnet
• 6:28 - Objective term - Keylogger
• 7:12 - Objective term - Spyware
• 8:31 - Objective term - Pop-ups
• 9:10 - Objective term - Browser
redirection

34
Key Terms
• 9:45 - Objective term - Security/desktop
alerts
• 10:06 - Objective term - OS update failure
• 10:27 - Spam
• 11:17 - Hijacked e-mail
• 11:35 - Automated replies
• 12:01 - Objective term - Invalid certificates
• 13:12 - Objective term- Network LAN tap

35
Quick Review
• Worms propagate via a network
• Trojans masquerade as benign programs,
but carry a payload for later
• Ransomware attacks lock down systems
in exchange for money
• Malware infestations manifest as browser
redirection, application crashes, update
failures, and more

36
Episode: Anti-Malware

Core 2: 2.3 Given a scenario, detect, remove, and prevent

malware using the appropriate tools and methods.
Objective(s): Core 2: 3.1 Given a scenario, troubleshoot common Windows OS
problems.
Core 2: 3.3 Given a scenario, use best practice procedures for
malware removal.

37
Episode Description

The CompTIA A+ objectives outline a very

detailed series of steps for dealing with a
malware infestation. This episode looks at
important pre-malware steps and then
describes the CompTIA procedures.

38
Key Terms
• 0:36 - 1. No such thing as antivirus program
• 0:44 - Objective term - Anti-malware
• 1:13 - Objective term - Recovery console
(now called Recovery mode on the
objectives)
• 1:34 - Objective term - Backup/restore/
reimage
• 1:46 - Objective term - End-user education

39
Key Terms
• 2:08 - Objective term - Software firewalls
• 2:24 - Secure DNS
• 3:02 - 1. Non-ISP DNS servers
• 3:34 - 2. Encrypt DNS requests
• 5:35 - Objective term - 1. Identify and research
(investigate and verify) malware symptoms
• 5:48 - Objective term - 2. Quarantine the infected
systems
• 6:11 - Objective term - 3. Disable System Restore
(in Windows)

40
Key Terms
• 6:38 - Objective term - 4. Remediate the infected
systems
• 6:42 - Objective term - 4a. Update the anti-
malware software
• 7:34 - Objective term - 4b. Scan and use removal
techniques (safe mode, pre-installation
environment)
• 9:52 - Objective term - 5. Schedule scans and run
updates
• 10:27 - Objective term - 6. Enable System restore
and create a restore point (in Windows)
• 10:56 - Objective term - 7. Educate the end user

41
Cloudflare Free DNS

• https://www.cloudflare.com/dns/

42
Quick Review
• Prepare for malware attacks with good
backups, end-user education,
and firewalls
• Use secure DNS options, such as a
trusted third-party site and encryption
• Memorize the CompTIA A+ seven-step
malware-recovery process

43
Episode: Social Engineering

Core 2: 2.4 Explain common social-engineering attacks,

Objective(s):
threats, and vulnerabilities.

44
Episode Description

Social engineering practices enable

attackers to gain access to sensitive
information through people. This episode
highlights social engineering tactics, from
tailgating to spear phishing.

45
Key Terms
• 0:42 - Objective term - Impersonation
• 2:14 - Objective term - Tailgating
• 2:56 - Unauthorized access
• 3:11 - Objective term - Shoulder surfing
• 3:40 - Objective term - Dumpster diving
• 4:44 - Objective term - Phishing (targets people via e-
mail/websites)
• 4:44 - Objective term - Vishing (targets people via
voice/phone calls)
• 4:59 - Objective term - Spear phishing (targeting specific
people)
• 4:59 - Objective term - Whaling (targeting high-ranking
people)

46
Quick Review
• Social engineering enables bad people to
use information from people to gain access
to sensitive information
• Social engineering attacks include phishing,
vishing, shoulder surfing, spear phishing,
whaling, tailgating, impersonation, and
dumpster diving
• Phishing, vishing, spear phishing, and
whaling attacks seek personal or financial
information with targeted scams

47
Episode: Licensing

Core 2: 4.6 Explain the importance of prohibited

Objective(s): content/activity and privacy, licensing, and policy
concepts.

48
Episode Description

Some software is free to use. Some is free

for non-commercial use. Some requires a
paid license for any purpose. Some licenses
focus on the number of human users, while
others focus on the number of systems, or
even the number of processors! This
episode explores them all.

49
Key Terms
• 0:49 - “An Open Letter to Hobbyist” - Bill Gates, 1976
• 0:56 - Required licensing fee for the BASIC programming
language
• 1:01 - Licensing
• 1:11 - Objective term - End-user license agreement (EULA)
• 1:55 - Objective term - Digital rights management (DRM)
• 2:55 - Objective term - Commercial/corporate license
• 3:11 - Objective term - Open-source
• 3:32 - GNU General Personal license (GNU GPL)
• 5:13 - Objective term - Personal license
• 5:31 - Enterprise license
• 6:26 - Per-processor license for Windows

50
Quick Review
• An End-user license agreement (EULA)
describes what users can do with licensed
software
• Digital rights management (DRM) controls
what users can do with some content
• Producers retain all rights to commercial
software
• Open-source software enables users to
change or modify the software

51
Episode: Incident Response

Core 2: 4.6 Explain the importance of prohibited

Objective(s): content/activity and privacy, licensing, and policy
concepts.

52
Episode Description

Although procedures can vary among

companies, the CompTIA A+ objectives
follow a logical set of responses. This
lesson describes each step.

53
Key Terms

• 0:55 - Objective term - Incident response

• 1:12 - Know your responsibility
• 1:31 - Identify the problem
• 1:48 - Objective term - Report though the
proper channels (inform management/law
enforcement as necessary)

54
Key Terms

• 2:11 - Objective term - Data/device

preservation (protect the data integrity)
• 2:43 - Objective term - Document the
incident and surroundings
• 3:26 - Objective term - Document
changes
• 3:36 - Objective term - Chain of custody

55
Quick Review
• Know your responsibilities
• Be sure to report the incident to the correct
management and/or law enforcement
agency based on company policies
• Preserve data integrity by copying the
suspicious drive
• Exercise proper chain-of-custody
procedures and always document,
document, document

56
Episode: Environmental Controls

Core 2: 4.4 Given a scenario, use common safety

procedures.
Objective(s):
Core 2: 4.5 Summarize environmental impacts and local
environmental controls.

57
Episode Description

Controlling environmental factors enables

you to create a safe computing space. This
episode looks at options for disposing of
waste such as old printer cartridges and
controlling temperature and humidity. Mike
describes proper ventilation, electrical
safety, and much more.

58
Key Terms
• 0:46 - Objective term - Compliance to
government regulations
• 0:59 - Occupational Safety and Health
Administration (OSHA) in the US
• 1:53 - Objective term - Material safety data
sheet (MSDS)
• 2:02 - Objective term - MSDSes include how
to safely handle and dispose of materials and
their environmental impacts

59
Key Terms

• 2:33 - Objective term - Temperature and

humidity levels
• 3:17 - Objective term - Proper ventilation
• 3:36 - Objective term - Battery backup
• 3:42 - Objective term - Surge suppressor
• 3:53 - Objective term - Dust and debris

60
Key Terms

• 4:21 - Enclosures
• 4:29 - Objective term - Air filters/mask
• 4:50 - Objective term - Compressed air
• 5:01 - Objective term - Vacuums
• 5:22 - Objective term - Anti-static vacuum

61
Quick Review
• Check the MSDS for any spills or
problems with equipment
• Monitor temperature and humidity levels
• Ensure proper ventilation
• Employ surge suppressors and UPS
backup devices
• Clean systems with compressed air and
specialized vacuums

62
Episode: Malware in Action

Core 2: 3.1 Given a scenario, troubleshoot common Windows OS

problems.
Objective(s): Core 2: 3.5 Given a scenario, troubleshoot common mobile OS
and application security issues.
Core 2: 4.2 Explain basic change management best practices.

63
Episode Description
This episode demonstrates some
destructive malware and ransomware
applications to give you an idea of what to
look for when you suspect a system has
been infected. WARNING! If you attempt
these at home, be sure you’re in a sandbox
or virtual machine that is appropriately
segmented from your network. These
viruses can cause real issues!

64
Key Terms
• 0:22 - Objective term - Sandbox testing
• 1:04 - MEMZ virus
• 2:06 - Objective term - Viruses can lead to
applications crashing, unexpected application
behavior, low memory warnings, system
instability
• 2:26 - Objective term - Viruses can also lead
to services not starting
• 2:34 - Objective term - Some viruses cause
high network traffic which can lead to limited
or no Internet connectivity

65
Key Terms
• 3:04 - Objective term - Data usage limit
notification
• 3:29 - Objective term - Limited Internet
connectivity
• 4:00 - Objective term - Fake security warnings
• 4:15 - Objective term - Leaked personal files/data
• 4:28 - Objective term - High number of ads
• Objective term - Frequent shutdowns
• Objective term - Sluggish response time

66
theZoo on GitHub

• You can use these malware files to

practice in a VM or Windows Sandbox
• WARNING! Don’t install these on your
working machine. Each has a
“destructive” and “non-destructive”
version.
• https://github.com/ytisf/theZoo

67
Quick Review
• Windows Sandbox can be a safe and
effective way to test potentially dangerous
files, but always take the proper
precautions beforehand
• Knowing how malware infects a system is
critical in understanding how to stop it
• Symptoms of malware include applications
crashing, low memory warnings, system
instability, services not starting,
unexplained high network traffic, fake
security warnings, and high number of ads

68