2) Security Part 3 Flashcards
Password Best Practices
Strong passwords
Password expiration
Screensaver required password
BIOS/UEFI passwords
Requiring passwords
Change default usernames/passwords
Account Management
Restricting user permissions (least privilege)
Logon time restrictions
Disabling guest account
Failed attempts lockout
Timeout/screen lock
Change default admin user account/password
Basic Active Directory Functions
Account creation
Account deletion
Password reset/unlock account
Disable account
Right Click User > Properties
Disable Autorun
Autorun.inf in Vista
Windows 7/8/10 - Not available
AutoPlay - If Windows detects audio files in a removable disk, it will automatically run them.
Can be disabled.
Mobile Device Security: Screen Locks
Fingerprint lock
Face lock
Swipe lock
Passcode lock
Mobile Device Security: Locator Apps/Remote Wipes
Built-in GPS (may use 802.11 to triangulate location)
Find your phone on a map
Control from afar (make a sound, display message)
Wipe everything remotely
Mobile Device Security: Remote Backup Apps
Can be difficult to back up something that’s always moving.
You can automatically back up data to the cloud (iCloud, Google)
Mobile Device Security: Failed login attempts restrictions
iOS: Erase everything after 10 failed attempts
(Timeout increases for each fail after 5th)
Android: Lock device & require Google login
Mobile Device Security: Antivirus/Anti-malware
iOS
Closed environment, tightly regulated
Malware has to find a zero-day
Android
More open, apps can be installed from anywhere
Easier for malware to find its way in
Apps run in a “sandbox”
You control what data an app can view
Mobile Device Security: Patching/OS updates
All devices need updates.
Security patches are very important.
Usually includes new features, bug fixes.
Mobile Device Security: Full Device Encryption
Encrypts all device data (phone keeps the key)
iOS 8+: personal data is encrypted with passcode
Android: Full device encryption can be turned on
Mobile Device Security: Authenticator Apps
Pseudo-Random token generator used to confirm identity for multifactor authentication.
Mobile Device Security: Trusted vs. Untrusted Sources
Android:
Once malware is on a phone, it has a huge amount of access.
iOS:
All apps are curated by Apple.
Mobile Device Security: Firewalls
Mobile phones don’t include a firewall.
Most traffic is outbound, not inbound.
Some mobile firewall apps are available.
Most for Android, not widely used.
Enterprise environments can control mobile apps.
Firewalls can allow/disallow access.
Mobile Device Security: Policies/Procedures
BYOD (Bring Your Own Device)
Using your own device in a corporate setting.
MDM (Mobile Device Manager)
Allows for centralized management of the devices.
Can set policies on apps/data/camera/locks/etc.
Profile security requirements
Data Destruction: Shredder
Industrial shredders can be used to destroy hard drives. Not something that can typically be done at home.
Data Destruction: Drill/Hammer
Quick and easy means of data destruction in a home setting. Drill the platters all the way through.
Data Destruction: Degaussing
Uses a strong electromagnetic field to remove the drive's magnetic field, destroying the drive data & electronics.
Data Destruction: Incineration
Helps to ensure that no part of the drive can be recovered.
Data Destruction: Certificate of Destruction
A certificate that confirms that all of your data has been completely destroyed by whichever third party you use.
A paper trail of the broken data (you know exactly what happened)
Data Destruction: Low-Level vs. Standard Format
Low Level:
Provided at a factory (not an end-user process)
Standard Format/Quick Format:
Sets up file system, installs boot sector
Clears master file table, but not data
Can be recovered with proper software
Standard Format/Regular Format:
Overwrites every sector with zeros
Windows Vista & later
Cannot recover data
Data Destruction: Overwrite
File-level overwriting: SDelete
Windows Sysinternals
Data Destruction: Drive Wipe
DBAN (Darik’s Boot & Nuke)
Whole drive wipe, secure data removal