secure the computer
DESCRIPTION
secure the computerTRANSCRIPT
Aaron I. MokhtarSr. Executive Content R&D
Outreach Department
SECURING YOUR COMPUTER
POWERED BY
PRESENTED BY
Kementerian Pendidikan
Malaysia
2
Objectives
Copyright © 2012 CyberSecurity Malaysia
we will learn 10 lessons for
protecting our computers by
securing the following
3
Lesson 1: Windows Logins
1.1 Login Screen 1.2 Screen Saver1.3 User Management
4
Access Control
Work-Related Information
company information
(structure, process, systems)
corporate email
business applications access
business servers access
business documents
customer information
vendor information
Personal-Related Information
personal information
personal emails
online banking
social networking
personal documents
personal photos
your dirty little secrets
LIMITING ACCESS TO YOUR COMPUTER
Copyright © 2011 CyberSecurity Malaysia 5
Software Keylogger
The Keylogger allows you to secretly track all activities from all computer users and automatically receive logs to a desire e-mail
6
Lesson 1.1: Login Screen
Copyright © 2012 CyberSecurity Malaysia
CONTROL ACCESS TO YOUR COMPUTER
7
Lesson 1.2: Screen Saver
Copyright © 2012 CyberSecurity MalaysiaPASSWORD PROTECT YOUR SCREEN SAVER
8
Lesson 1.3: User Management
9
Lesson 2: Passwords
2.1 Password Strength 2.2 Managing Accounts2.3 Managing Password2.4 Dangerous Passwords
Copyright © 2012 CyberSecurity Malaysia
Copyright © 2011 CyberSecurity Malaysia 10
Lesson 2.1: Password Strength
https://www.microsoft.com/security/pc-security/password-checker.aspx
INSURE THE QUALITY
OF YOUR PASSWORD
11
Lesson 2.2: Managing Accounts
DON’T USE THE SAME PASSWORD
Copyright © 2012 CyberSecurity Malaysia
Avoid creating passwords that use:
Dictionary words in any language.
Words spelled backwards, common misspellings, and abbreviations.
Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard (qwerty).
Personal information. Your name, birthday, driver's license, passport number, or similar information.
12
Lesson 2.3: Managing Password
Copyright © 2012 CyberSecurity Malaysia
HAVE GOOD PASSWORD HABITS
13
Lesson 2.4: Dangerous Password
Avoid the obvious
14
3) Antivirus Software
Antivirus Software3.1 Antivirus Categories3.2 Online Scanner3.3 Signature Updates3.4 Signature Updates
Copyright © 2012 CyberSecurity Malaysia
15
Lesson 3.1: Antivirus Categories
Free Edition Antivirus
Commercial Antivirus
Online Scanner
Copyright © 2012 CyberSecurity Malaysia
Copyright © 2011 CyberSecurity Malaysia 16
Lesson 3.2: Online Scanner
Copyright © 2011 CyberSecurity Malaysia 17
Lesson 3.3: Antivirus Comparatives
http://www.av-comparatives.org/
18
Lesson 3.4: Signature Updates
Virus Definition
Computer
Copyright © 2012 CyberSecurity Malaysia
19
4) Operating System
Operating System4.1 Service Pack 4.2 Validate Win & Office4.3 Microsoft Support4.4 Windows Security Centre
Copyright © 2012 CyberSecurity Malaysia
20
Lesson 4.1: Service Pack
http://windows.microsoft.com/en-US/windows/downloads/service-packs
Copyright © 2012 CyberSecurity Malaysia
21
Lesson 4.2: Validate Windows and Office
http://www.microsoft.com/genuine/validate/
Copyright © 2012 CyberSecurity Malaysia
22
Lesson 4.3.1: Microsoft Fix it
http://support.microsoft.com/fixit/
Copyright © 2012 CyberSecurity Malaysia
23
Lesson 4.3.2: Microsoft Product Lifecycle
http://support.microsoft.com/gp/lifeselect
Copyright © 2012 CyberSecurity Malaysia
Copyright © 2011 CyberSecurity Malaysia 24
Lesson 4.4: Windows Security Center
Windows Start > Control Panel > Security > Check this computer’s security status
25
5) Application
Application5.1 Paid Application 5.2 Cracked Application5.3 Malicious Application
Copyright © 2012 CyberSecurity Malaysia
26
Lesson 5.1: Paid Application
Copyright © 2012 CyberSecurity Malaysia
27
Lesson 5.2: Cracked Application
Copyright © 2012 CyberSecurity Malaysia
28
Lesson 5.3: Malicious Application
Copyright © 2012 CyberSecurity Malaysia
Rogue Antivirus
29
Lesson 5.3.1: Potentially Unwanted Program
Copyright © 2012 CyberSecurity Malaysia
30
6) Patches & Updates
Patches Updates6.1 Microsoft Download Centre6.2 Windows Updates6.3 Third Party Updates
Copyright © 2012 CyberSecurity Malaysia
Copyright © 2011 CyberSecurity Malaysia 31
Lesson 6.1: Microsoft Download Center
http://www.microsoft.com/download/en/default.aspx
32
Lesson 6.2: Windows Updates
Copyright © 2011 CyberSecurity Malaysia 33
Lesson 6.3: Third Party Updates
http://secunia.com/vulnerability_scanning/personal/
34
7) Internet Access
Internet Access7.1 Wired Network7.2 Wireless Network7.3 Other Computer
Copyright © 2012 CyberSecurity Malaysia
35
Lesson 7.1: Wired Network
REMOTE CODE EXECUTION
VIRUS & MALWARE
WEB APP ATTACKS
Copyright © 2012 CyberSecurity Malaysia
Copyright © 2011 CyberSecurity Malaysia 36
Lesson 7.2 Wireless Network
37
Lesson 7.3: Other Computer
Security Questions
Copyright © 2012 CyberSecurity Malaysia
38
8) Networking Devices
Networking Devices8.1 Microsoft Keyboard8.2 Webcam
Copyright © 2012 CyberSecurity Malaysia
39
Lesson 8.1: Wireless Keyboard
https://www.dreamlab.net/files/articles/27_Mhz_keyboard_insecurities.pdf
The team of Dreamlab Technologies has hacked two wireless keyboards fromMicrosoft. Dreamlab warns that it is possible to “sniff” the keyboard strokes -possible to capture and decrypt keystrokes - user names, passwords, bankdetails or confidential correspondence can be very easily copied.
Copyright © 2012 CyberSecurity Malaysia
Copyright © 2011 CyberSecurity Malaysia 40
Lesson 8.2: Webcam
Webcam
Copyright © 2012 CyberSecurity Malaysia
41
9) External Devices
External Devices9.1 Thumb Drive, External HD, CD/DVD9.2 AutoPlay
Copyright © 2012 CyberSecurity Malaysia
42
Lesson 9.2: AutoPlay
Copyright © 2012 CyberSecurity Malaysia
43
10) Online Surfing
Online Surfing10.1 Internet Browser10.2 Malicious website10.3 Phishing website
Copyright © 2012 CyberSecurity Malaysia
Copyright © 2011 CyberSecurity Malaysia 44
Lesson 10.1 Web Browser
Copyright © 2011 CyberSecurity Malaysia 45
Lesson 10.1.1: Browser Preferences
Copyright © 2011 CyberSecurity Malaysia 46
Lesson 10.1.2: Clear Browsing Data
47
Lesson 10.2: Malicious Website
Copyright © 2011 CyberSecurity Malaysia 48
Lesson 10.3: Phishing Attacks
Copyright © 2012 CyberSecurity Malaysia 49
Lesson 10.3.1: Check the Suspicious Website
50
Summary
Windows Logon
Password
Antivirus Software
Operating System
Application
Patches Update
Internet Access
Networking Devices
External Devices
Online Surfing
Act Now!
Copyright © 2012 CyberSecurity Malaysia
51
Objectives
Copyright © 2012 CyberSecurity Malaysia
we will learn 10 lessons for
protecting our computers by
securing the following
Windows login
PasswordsAntivirus Software
Operating System
Applications PatchesInternet Access
Networking Devices
External Devices
Online Surfing
Copyright © 2012 CyberSecurity Malaysia 52
Action Time!
“If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology”- Bruce Schneier
Netbook Laptop Desktop
Corporate Office:
CyberSecurity Malaysia,Level 8, Block A,Mines Waterfront Business Park,No 3 Jalan Tasik, The Mines Resort City,43300 Seri Kembangan,Selangor Darul Ehsan, Malaysia.
T +603 8946 0999F +603 8946 0888
www.cybersecurity.my
Copyright © 2011 CyberSecurity Malaysia 53