CHAPTER 10 test out
Power Outage
We all know that without electricity, computer systems turn off and lose access to data. But an even bigger concern is that when a computer system loses power abruptly, it can corrupt and lose data. This is why critical systems such as database servers and web servers need to be equipped with a UPS, or uninterruptible power supply. These systems provide a temporary power source during an outage that gives the system enough time to shut down cleanly without data loss or corruption.
Business Continuity Plans
A good disaster recovery plan needs to be informed by the other components of the business continuity plan. For example, a business impact analysis identifies critical business functions that need to be performed during disasters and other times of disrupted operations. Business executives prioritize critical business functions, spell out a recovery timeframe, and estimate the tangible and intangible impacts on the organization. A tangible impact would be financial loss. Intangible impacts are things like loss of customer trust.
Network Attached Storage
A good option for many home and office networks is to install a NAS, or Network Attached Storage, device. These devices contain one or more hard drives that users can access over the network. NAS drives can be used for file sharing, backups, and even streaming media
Man-in-the-Middle
A man-in-the-middle attack is a real-time attack on a live network connection. Let's say we have a client and a server that are communicating with each other. During a man-in-the-middle attack, a hacker intercepts the communication stream between these two. Simultaneously, the hacker's computer tricks the client into thinking it's the server and tricks the server into thinking it's the client. The hacker can then intercept and modify the data in transit. With the right software and the right vulnerabilities, this attack is quite easy to perform. Man-in-the-middle attacks are commonly used to steal credit cards, online bank credentials, and confidential personal and business information
Account Lockout Policies
Account lockout policies are settings that protect an account if users fail to authenticate successfully after a certain amount of attempts. For example, we can have an account lockout threshold set to 6 invalid logon attempts. This means that after users enter six incorrect passwords, they'll be locked out of their account. The purpose of account lockout policies is to prevent hackers from trying to guess someone's password and gain access to the system. But since it's common for users to forget their own password, administrators often need to unlock users' accounts, typically by resetting the password.Account lockout policies can also included an account lockout duration and lockout counter reset time. This means that if an administrator is not available to unlock an account, users can wait a certain amount of time before trying again if they remember their password at a later time
Ad Hoc Backups
Ad hoc backups, which are unscheduled backups performed periodically, are better than no backup at all. But regularly scheduled backups are a much better way to protect data
Data destruction
Another computer security risk relates to disposing of old computers and storage devices. When computers wear out or become obsolete, they're typically replaced with newer systems. However, you need to dispose of them in a manner that prevents sensitive data from being exposed.For example, if you're selling or recycling a computer, you should first use a special utility to wipe the hard disk drive clean. Just deleting the files is insufficient. The data still remains on the drive and can be easily reconstructed by someone with the right skills. Disk wiping software overwrites the hard drive with random data, obliterating any old data that's still on the drive. If you're disposing of a computer, consider destroying the hard disk to make the data it contains inaccessible
Public/Private Classifications
Another popular scheme for classifying information is to use different levels of public/private distinctions. Public with Full Distribution: This classification allows anyone to have a copy of the information. Examples include a public website that everyone can access, company brochures, and marketing material. Public with Limited Distribution: This classification allows public access with restricted distribution. A good example would be a software company that recruits beta testers for their products. An organization like this distributes code or software to a limited group for testing. Beta testers would be required to sign a Non-Disclosure Agreement, or NDA, restricting them from distributing the software and, in most cases, from talking about any of its features. Private: This classification generally has at least two levels.Private Internal includes documents such as personnel records, financial ledgers, accounting documents, and customer lists. This is information you don't want released to the public. Distribution needs to be limited to individuals within the organization.Private Restricted includes trade secrets, strategic information, and anything that's highly sensitive. Publicly exposing this information could seriously damage an organization. Examples include the Google search algorithm or the source code for iOS. If this information were to be leaked, it would cause significant damage to the company. Access to this information would be restricted to a limited group of authorized personnel within the organization.
Pretexting
Another social engineering technique is called pretexting, which attempts to trick the victim into revealing sensitive information under false pretenses. Pretexting can take many forms such as the following: Intimidation attempts to frighten a user into revealing information or performing an action. The attacker assumes a false position of authority over the victim and attempts to intimidate them into providing sensitive information. Familiarity uses the premise of a supposed friendship to convince the victim to do something that they should not, such as provide sensitive information. Social validation uses peer pressure to coerce the victim into bending rules or revealing information that they shouldn't
Malware Detection & Removal
Anti-malware software has two main functions: virus removal and real-time protection. To detect and remove existing malware, Windows Defender can scan the file system for characteristics that might point to an existing malware infection. The problem is that if you run a scan and you find malware on the system, it means your system's already infected and needs to be cleaned up
Anti-Malware
Anti-malware software should also be installed on computer systems to detect and prevent malware infections. Malware includes several types of malicious software: Viruses that attach to files and spread when the files are opened Worms that infect systems and spread automatically through the network Trojan horse programs that appear to be useful programs but secretly install malware without your knowledge Spyware that tracks your computer or browser activity Adware that displays unwanted pop-up advertisements Starting with Windows 7 and later, anti-malware software called Windows Defender is installed and enabled by default on Windows systems. You can also install third-party anti-malware packages. But it's important to know that you can have only one anti-malware package installed on your computer at any one time. If you install a particular package and then later on choose to use a different one, be sure to uninstall the existing package before installing the new one
Service Outage
As businesses rely more and more on cloud hosting solutions for their products and services, their productivity depends on the reliability and quality of their Internet connection. However, even if the Internet is up and running, employees may not be able to access their files when the cloud service is down. Google, Amazon, Microsoft, and other cloud hosting businesses work hard to avoid any downtime, but there will always be short periods of hardware or software failure. For this reason, businesses should keep offline copies of any critically important files or applications.
Logging
At its core, accounting is simply the logging of events. To understand this, we need to understand two terms: events and logging. An event can be just about anything that happens on a computer - a user signing in or signing out, accessing or modifying a file, and visiting a website are all commonly used as accounting events. Logging is keeping a detailed list of each event. For example, whenever a user signs into a computer, the log will record the user's name, which computer they accessed, the date and time of the login, and how long they stayed signed in
Password Managers
Because most users have dozens of accounts for various applications and websites, many people choose to use a password manager. These programs are installed as an app or a web browser extension that's accessed with a master password. The password manager generates and encrypts passwords for all of your individual accounts. Most password managers are safer and more secure than storing a list of usernames and passwords - and much better than using the same password for multiple accounts. The main risk with password managers is if the master password is somehow compromised
Browser Attacks
Browser attacks are a type of social engineering that convinces the victim that they are performing a legitimate task within their web browser window, when in fact they are being tricked into revealing sensitive information or installing malware on their computer. Browser-based attacks can take many forms including the following: Pharming redirects web traffic sent to a legitimate site to a malicious site that looks identical to the real website. Once there, the attacker tricks the victim into supplying sensitive information, such as usernames, passwords, bank account numbers, or credit card numbers. Rogue anti-virus attacks employ a pop-up browser window that tells the user their computer is infected with a virus and that they must click a link to clean it. Sometimes this exploit merely tricks users into paying for worthless software they don't need. However, it is also frequently used to install malware on the victim's computer. Technological security measures are only partially effective against these types of attacks. The best defense is user education and awareness
Off-site Backups
Business continuity and disaster recovery plans always need to account for the local destruction of data and devices. Traditionally, offsite backups are stored on DLT tape cartridges within a tape vault. The large storage capacity of these systems makes them ideal for server backups. The location of these backups needs to be far enough from a possible natural disaster, while being close enough to recover the data and systems within a reasonable amount of time.
Manual Scans
By default, Windows Defender is going to scan your system on a regular schedule. However, if you're concerned that some type of malware may have found its way into your system and you don't want to wait until the next scheduled scan, you can go to the Windows Defender Security Center from the Settings App and manually scan the system. Windows Defender gives you three scanning options to choose from: A quick scan tells Windows Defender to check for malware but it's only going to look in the places where it's most likely to be found, such as your system folders. It does not scan the entire hard disk drive. The full scan option means it scans every file on the entire hard disk drive. The disadvantage of a full scan is that it takes a lot longer to go through every single file on the hard disk. A custom scan allows you to run the scan where you think the malware might be. You can click Custom and then select the location that you want to scan
Government/Military Classifications
Companies that work with government and military contracts need to be aware of their classification levels. The specific levels we'll talk about here are used by the United States government, but most countries use a similar system. Unclassified: This information can be viewed by the public and poses no security threat. Sensitive but Unclassified: This occurs when the government or military would prefer that the information not be available, but it's still unclassified. Disclosure could cause harm, but the harm would be minimal. Confidential: This classification allows restricted information release under the Freedom of Information Act. Releasing this information to the public could possibly damage military efforts. Secret: Examples of secret information include troop movements, deployments, and overall capabilities. Disclosure of Secret information could cause serious, irreparable damage. Top Secret: Top secret is the highest classification. This includes weapons programs and intelligence-gathering activities. The release of Top-Secret information can pose a grave threat to the country and national securit
Power Redundancy
Computers need a constant supply of electricity to work. To protect against data or service loss from power outages, it's important to have power redundancy. An easy way to do this for individual machines is to plug them into an uninterruptible power supply, or UPS. A UPS is a large battery that's connected both to the computer and the wall outlet. As long as power is coming in from the wall, the computer uses that power directly. However, if the power from the wall shuts off, the computer immediately jumps to battery power
Data Destruction Policies
Data security policies need to include directions for disposing and even destroying data when it's no longer needed or when a storage device needs to be replaced. This is especially important when dealing with highly sensitive or classified information. Data destruction techniques include using a special utility to wipe hard disk drives clean by overwriting them with random data. Another option is to physically destroy the hard disk to make the data it contains inaccessible.
Database Backups
Database servers require a different sort of backup process. Because enterprise databases are constantly in use, database backups need to account for transactions that may not have been fully committed when the backup was created. These backups are typically performed by database management systems.Databases require the following types of backups. Full backups are backups of all data at specific points in time. Differential backups include only the data that has changed since the last full backup. Transaction log backups allow administrators to restore a database to a particular moment in time by rolling back transactions and preserving database integrity.
Data File Backups
Electronic data files can easily become corrupted, lost, or destroyed, especially when a storage device fails. They can also be deleted or modified by users accidentally. But electronic data is easy to back up. With a backup process in place for data files, users can be prepared for just about anything
Email Attacks
Email attacks are a form of social engineering that attempt to exploit a victim using email messages. Email attacks may come in the following forms: Phishing emails are crafted to appear as though they were sent from a legitimate organization, such as a bank or an e-commerce website. These emails convince the user to click on a link that takes them to a malicious website where they are then tricked into providing sensitive information. Spear phishing is a variation of phishing attacks that involves first gathering as much information about the victim as possible, such as identifying which online banks they use or where they shop online. The attacker then sends phishing emails that appear to be from the trusted bank or web store. Nigerian scams use emails to trick the user into to sending a small amount of money in return for a supposedly greater amount of money later. Email hoaxes prey on email recipients who are overly-trusting. Usually these hoax messages trick the reader into deleting key system files or downloading malware
Firewalls
Firewalls control the flow of network traffic and protect systems from unauthorized network connections. They're configured with a set of rules that define what kind of traffic is allowed and not allowed. For example, if a malicious user on the Internet tries to establish a connection to your computer, the firewall identifies this as a violation and blocks the connection. There are two general types of firewalls: network firewalls and host firewalls. Network firewalls are configured at the border of your network, where it connects to the Internet. By placing a firewall in this location, it can protect an entire network. Host firewalls are installed on individual computer systems and can protect only that system. Typically, most networks will use both types of firewalls. Network firewalls need to be purchased and manually installed. However, host-based firewalls are usually installed and enabled by default on most modern computer systems
Network Redundancy
For a server to work, it must be connected to the other computers on the network. Without this connection, the server may as well not exist. There are two main ways to provide fault tolerance for a server. The first way is to install multiple network interface cards into the server. If one card fails, the others can take over. The other way is to allow multiple paths between the server and the computers on the network. With redundant connections, it's much less likely that a server will be cut off from the network.
Local Backups
For convenience, administrators often store backups locally - in the same building or even the same room as the computer systems they're backing up. This allows data to be restored quickly if a storage device or system fails or if a user unintentionally deletes a critical file. A disadvantage to local backups is that they do not prepare organizations for more widespread failures, such as natural disasters
Data Redundancy
Hard disks are notorious for failing unexpectedly. To avoid data loss, many systems implement a RAID, or Redundant Array of Independent Disks. With a RAID, all data is stored on two or more disks simultaneously. If a disk fails, the data can still be accessed by using the other disks. Another data redundancy strategy is replication, which is basically copying data to a different physical location. That way, the data will be protected even in the event of a fire or other disaster
Hardware Failure
Hardware failures can occur for a number of different reasons, such as power surges and spikes, overheating, and dust accumulation. While some of these causes can be prevented, computer components such as hard disks will eventually fail. To maintain access to data on critical systems, most businesses maintain redundant copies of data on separate disks.
Non-repudiation
If someone is caught trespassing on a network or stealing data, they're probably going to say it wasn't them. Non-repudiation is taking measures to prove that it most definitely was. One of the most common non-repudiation techniques is to set up surveillance cameras - it's hard to deny you committed a crime when a video recording shows you in the act. Another non-repudiation measure is to implement strong authentication protocols. Because type 3 biometric factors like fingerprints and retinal scans are hard to duplicate, they provide strong evidence that an account was being used by its proper owner and not by an intruder
Replay Attacks
In a replay attack, a hacker sniffs the packets between a client and a server in hopes of catching authentication information. When the client and server are no longer communicating, the hacker resends the captured authentication material and tries to connect to the server. The server thinks the hacker's computer is the original client and accepts the connection. In this case, the hacker doesn't even have to decrypt the captured authentication information. He can simply submit the still-encrypted credentials and hope the target system just accepts them, whatever they may be. After authenticating to the system, the hacker gains access to the victim's resources or data.
Restoring Access
In addition to restoring data, disaster recovery plans include procedures on how to resume applications and restore access to data, hardware, communications, and other IT infrastructure. Systems need to be brought back online carefully, in the proper sequence, to ensure that the core systems come up first. Once the disaster has concluded, plans need to be in place for reverting to the original site. To make sure the plan will be successful, it's important to conduct disaster recovery exercises that simulate real-world disasters
Restoring Data
In most cases, bringing mission-critical systems back online includes restoring databases needed by employees and customers. Essential data can be restored from backups that have been stored off-site or on the cloud. Another option would be to switch over to an alternate site that has replicated essential data and services. Data restoration plans need to verify that the data have not been have been corrupted and that replicated databases have been synchronized
Virus Definitions
In the Windows Defender Security Center, we can check and see if our virus definitions are up to date. Definitions are files that are used by Windows Defender to locate threats such as viruses and spyware. It's important that these definitions are kept up to date to protect your system from any possible new viruses or threats. Windows Defender will automatically update protection definitions periodically, but you can also manually force an update in the Windows Defender Security Center. You can go to the History tab to see a list of items that were detected as potentially harmful.
Unauthorized Changes
Man-in-the-middle attacks, replay attacks, and session hijacking are often used to gain unauthorized access to a system. With system access, hackers can steal even more confidential information. They can also alter or corrupt data. Cyber criminals often launch destructive malware attacks that compromise data integrity and disrupt communication networks.
Mandatory Access Control
Mandatory access control is also a rule-based control system. It uses security clearance levels to decide which users can access which resources. Each object in a system is given a numeric clearance level, as is each user. The more sensitive the data, the higher its level. To access a given resource on the system, a user must have a clearance level equal to or higher than the level of the resource. Mandatory access control is often used by governments and militaries
Information Sensitivity
Many organizations classify information based on a scale of high, medium, or low sensitivity. High: Highly sensitive information includes the personally identifiable information, or PII, of employees or customers, such as home address, driver's license number, and date of birth. It also includes protected health information, or PHI, such as patients' medical records, payment history, and current health status. This highly sensitive information needs to be secured against hackers and disposed of according to applicable laws and regulations. Confidential company information that could result in an extreme loss of public trust, financial loss, or operational harm would also be classified as highly sensitive. Medium: If the public disclosure of information could possibly result in significant though not extreme harm, financial loss, or personal embarrassment, it would be classified with a medium sensitivity. Low: Information of low sensitivity would result in limited or no harm when publicly disclosed
Group Password Policies
Most companies use a configuration setting called an account policy to encourage employees to choose secure passwords. Account policies can be configured on individual computers or they can be grouped together and stored on a network domain as a group policy. Group policies can be applied to any account that logs into the domain.The following are a few local account policy settings that you can enforce on Windows: Password history is a setting that is designed to keep people from reusing old passwords. With password history enabled, you can choose from 1 to 24 passwords for the system to remember. A value of 24 means that the user has to use 24 unique passwords before they'll be allowed to reuse a password that they'd used before. Maximum password age is a setting that determines how long a user can keep the same password before it expires and they're forced to change it. A typical value for this setting is 90 days. Minimum password age is a setting that prevents users from reverting back to their old password immediately after they've changed it. This is usually set to one day. Minimum password length can be set from 0 to 14 characters. Password complexity is a setting that makes sure a password doesn't include a user's account name and that it includes a combination of lower- and upper-case letters, numbers, and non-alphabetic characters such as dollar signs, exclamation marks, and percent signs. Storing passwords using reversible encryption is a feature that should be disabled because enabling it can allow certain applications to essentially store passwords as plain text. This would make user accounts much less secure
Reconnaissance
Reconnaissance is one kind of social engineering exploit that passively gathers information about a potential victim. The goal is to identify important information needed to further exploit the victim. Common reconnaissance techniques include the following: Shoulder surfing involves looking over a user's shoulder, looking for sensitive information displayed on the screen, or even watching keystrokes being typed on a keyboard. Eavesdropping involves overhearing a conversation to obtain sensitive information. Dumpster diving involves searching through trash looking for discarded documents containing sensitive information.
Regular Backups
Regularly scheduled, daily backups are essential for businesses that rely heavily on stored data and information. These are usually scheduled each evening to avoid any work disruption during the day. While individual users can install and use their own external hard drives or other backup systems, most businesses require users to store important files on network servers. These servers can be backed up efficiently through data redundancy, replication, and traditional backup systems
Role-based Access Control
Role-based access control systems modify the ACL based on pre-configured rules, as opposed to discretionary systems where a single user can grant or revoke privileges at will. In other words, role-based access control systems grant different permissions to different kinds of users based on their user role. For example, in this course as a student user, you have permission to view course resources, such as videos, labs, and text lessons. You also have permission to view your own gradebook. However, you don't have permission to view your classmates' grades or make direct changes to the gradebook. Teachers have all the same permissions as students, plus the ability to view and edit all student grades in their classes. However, they can't access grades for other teachers' classes. Administrators can view and edit the grades for every student at the school, regardless of who their teacher is. In each case, the user's permissions are determined by their role
Single Sign-on
Single sign-on is a method in which logging into one system gives access to other related systems. A common example of single sign-on is Google services. By authenticating one time, you gain access to your Gmail, YouTube, and Google Drive accounts.
Snooping
Snooping occurs when a person tries to secretively discover private information about a person, company, or other entity. This is often an insider threat within organizations. For example, an employee may casually observe a confidential email on a fellow employee's computer. He then waits for an opportunity to look at additional emails when the computer is left logged in but unattended. Another example is an IT employee who uses her administrative access to snoop in confidential employee files.
Social Engineering
Social engineering attacks use deception to gain personal and/or private information for unlawful purposes. Attacks may be done in person, on the phone, in a browser window, or through an email message. Attackers are often more successful in obtaining confidential information using social techniques rather than technology, such as wiretapping. To stay safe, you should be aware of social engineering exploits that are common on the Internet. Attackers often trick victims into revealing sensitive information
Anti-Spam
Spam is unwanted, unsolicited email that's sent to your email account. Some spam is merely annoying, not presenting a security risk to your computer. However, spam often carries viruses, advertisements for questionable products, and phishing attacks. Some anti-malware software can also block spam for you, but some can't. If your package doesn't, you should consider installing additional anti-spam software or switching to an anti-malware package that's capable of blocking spam
Data destruction
System administrators are often responsible for the disposal and destruction of sensitive data stored on old hard disks. This is particularly important when storage devices leave an organization. However, data destruction can also occur for malicious or accidental reasons. Natural disasters, acts of terrorism, and accidental coffee spills can all harm computer components and destroy data. To prepare for these events, businesses need to store regular backups of data in different locations
Multifactor Authentication
Systems and accounts that need extra security often require multifactor authentication, generally from two or more types. This simply means you have to authenticate yourself two or more times to gain access to a system. A common example is to require a type 1 password and a type 2 smart card.
Discretionary Access Control
The discretionary access control, or DAC, model emphasizes the importance of the owner, or creator, of a resource. Under DAC, the owner is the only person with full access rights to the resource, and it's up to them to modify the ACL to allow others to view, edit, or copy. Google Docs is a common example of the DAC model. Whoever creates a document is the owner, and they can choose how and with whom to share it. They can also transfer ownership to another user
Cloud Storage
The emergence of cloud storage has changed the way many businesses backup their data. In some cases, cloud storage can fulfill the requirement for offsite backups. Cloud storage provides a convenient, flexible, and scalable alternative to traditional backup methods. One disadvantage of using the cloud is that a remote backup requires a lot of network bandwidth and a reliable Internet connection. Cloud backups and restores may take significantly longer than using local storage devices
Denial of Service
The goal of a denial of service attack is to overload a system so that the services it provides are no longer available to legitimate network clients. To understand how these attacks work, consider a simple analogy. Suppose you went to the bank to deposit a check. When you get to the bank, you find that the lobby is completely filled with people and you're unable to get inside. To top it all off, none of the people inside the bank even have a bank account. They're just there to disrupt the bank's ability to service actual customers.This is similar to how a denial of service attack occurs. For example, let's say your company has a web server that provides product manuals and driver downloads to customers. With a denial of service attack, the attacker overloads the server with bogus requests to the point where legitimate requests from actual customers will never get through. In some cases, a denial of service attack may even exploit a flaw in the operating system of the server that can cause it to reboot or crash.A variation of this type of attack is called a distributed denial of service attack. In this case, the attacker uses bot malware to enlist multiple systems to increase the magnitude of the attack. The compromised systems, called zombies, are infected with malware that allows them to be remotely manipulated by an attacker who's often called a zombie master.
Restoring Data from Backup
The only way to ensure that you have protection against data loss is to regularly test your restoration procedures. This activity will reveal whether your backup process is functioning properly and whether your restoration and recovery procedures are accurate. Restoration privileges should be restricted to trusted staff to prevent confidentiality violations
Real-time Protection
The second aspect of system protection is detecting malware before it infects your system. An example of this would be downloading a file from a malicious website on the internet. This is what we mean by real-time protection. Instead of just scanning for malicious files on your hard disk drives, real-time protection watches what you're doing and tries to detect malware as it's entering the system
Impersonation
The term impersonation usually refers to a social engineering tactic where a hacker pretends to be a member of senior management who is authorized to gain access to a system. But hacking technology can also be used more directly to hijack a networking session and masquerade as another identity. For example, in a TCP session hijacking, the attacker gains access to a host on the network and then logically disconnects it. After cutting off the client end, the hacker then pretends to be the client, tricking the server. The concept of session hijacking can also be used with an HTTP session. For example, the hacker could hijack someone's cookies from their web browser. To the web server, the hacker appears to be the original web client and just takes over the original HTTP session that's already been initiated
Type 1 Authentication
Type 1 authentication, which is something you know, is by far the most common. If you're reading this lesson, you've already used type 1 authentication today when you logged into your TestOut account. Because you know the secret password associated with this account, we can be reasonably sure you are who you claim to be. Other kinds of type 1 authentication are Personal Identification Numbers, or PINs, single-use passwords, and answers to security questions, such as the street you grew up on or the name of your first pet. Many smart phones have their owners authenticate by drawing a specific pattern on the screen. Type 1 authentication is cheap and easy to implement. The downside is that it's also easy to dupe. If someone else learns your password or PIN, they can easily authenticate into your accounts and pretend to be you
Type 2 Authentication
Type 2 authentication is something you have. Examples of type 2 factors are keys, fobs, electronic chips, and smart cards. Another factor that technically falls under type 2 is your physical location. For example, you may set your smartphone to unlock automatically if it's inside your home. Type 2 authentication is more secure than type 1 because someone would need to physically steal or copy your authentication token to impersonate you. The downside is that it's harder and more expensive to implement
Type 3 Authentication
Type 3 authentication is something you are. Computers can use biometric scanners to measure unique aspects of your physical body, such as your fingerprints, handprints, retinal patterns, face, or voice. If you have a fingerprint scanner on your phone, that's type 3. Type 3 authentication is the most expensive to implement and the hardest to dupe.
Prioritization
Understanding the most critical business functions can help IT administrators prioritize which systems need to be restored first after a disaster. These might include email, financial systems, and CRM, or customer relationship management, systems
Password Reset Options
Website accounts are often set up with a built-in password reset option. This allows users to reset their own password if they don't remember it. To verify their identity, users must either answer security questions, such as their mother's maiden name, or enter a security code that's sent to a cell phone or to an alternative email address. When a password is reset, users are typically notified by email to make sure the resetting was intentionally done by them.
Device Passwords
Wireless access points, routers, and other devices often ship with a default password that would be easy for a hacker to guess. For this reason, it's important to change the default password to something secure. Computing devices such as laptops and smartphones typically give the option of using the device without a password or another authentication method. While it's convenient to use devices without security, it's a really bad idea. If you lose the device, sensitive data could immediately be in the hands of a stranger
Wiretapping
Wiretapping is a common threat that involves the direct use of technology. Since the invention of the telegraph, both criminals and law enforcement officials have engaged in wiretapping. In the digital world, wiretapping is a form of eavesdropping that uses programs such as packet sniffers to capture data being transmitted over a network. With the proper tools, unauthorized people can intercept data on either a wired or a wireless network. One of the best ways to protect against wiretapping threats is to use data encryption
Password Habits
With your password, hackers could take your money, steal your private information, and even commit crimes while pretending to be you. Because of this, it is vital that you follow the following good password habits: Keep your password secret. Never write it down, and never send it in an email. If a customer support representative asks you to send your password through an email, chat, or phone call, they're most likely a criminal trying to scam you. If you must share your password, only share it with a person you completely trust, such as a spouse. Choose a secure password. A good password should be around sixteen or more characters long and contain a combination of letters, numbers, and symbols. Also, choose a password that would be difficult to guess. Birthdays, anniversaries, and names of family members are poor choices for passwords. If you're using the word "password" as your password, stop what you're doing right now and change it! Use a unique password for every account you make. If you use the same password for multiple services or sites, then a data breach at one will compromise your security at all of them. Never enter your password into an unencrypted website. If you do, it will be sent as plain text, and someone could intercept the signal and learn your password.
System Backups
n addition to backing up data files, it's important to back up system software as well. These backups are particularly important before installing new applications on a system or making significant system configuration changes.Maintaining a regular backup process for an entire computer system is a bit more complicated than simply copying selected folders or files to a disk. System backups typically require the following: Full disk image: System backups begin by capturing a full image of a disk at a certain point in time. Incremental backups: Since most of the operating system, applications, and other files will not change much from day to day, the next step is to perform incremental backups that include only files that have been added or modified since the last backup. System restoration plan: If a system fails, users can restore system files by using the last full backup and then all incremental backups since that point in time.