Lesson Plans LabSim PC Pro


Section 12.1: Best Practices



Date: 31.01.2017

Summary


This section discusses the following security best practices:


  • Implement the Principle of Least Privilege

  • Require passwords

  • Use strong passwords

  • Use file and folder permissions

  • Disable the Guest user account

  • Don’t use default user names

  • Disable autorun

Students will learn how to:



  • Apply the Principle of Least Privilege to increase the security of a Windows workstation.

  • Implement strong passwords.

  • Use file and folder permissions to restrict access to information on a Windows workstation.

  • Disable high-risk user accounts, such as Guest, on a Windows workstation. 

  • Disable autorun on a Windows workstation.

A+ 220-802 Exam Objectives:

  • 2.1   Apply and use common prevention methods.

    • Digital security

      • User authentication/strong passwords

      • Directory permissions

    • Principle of least privilege

  • 2.3   Implement security best practices to secure a workstation.

    • Setting strong passwords

    • Requiring passwords

    • Restricting user permissions

    • Changing default user names

    • Disabling guest account

    • Screensaver required password

    • Disable autorun


Lecture Focus Questions:

  • How does the Principle of Least Privilege apply to workstation security?

  • What are the characteristics of a strong password?

  • How can file and folder permissions be used to restrict access to information on a workstation?

  • Which default Windows user accounts should you secure?

  • How does the autorun feature in Windows reduce the security of a workstation?

Video/Demo Time



Video 12.1.1 Best Practices for Securing Workstations 14:09

Lab/Activity


  • Implement Workstation Security

Number of Exam Questions


4 questions

Total Time


About 25 minutes

Section 12.2: Physical Security

Summary


This section discusses the following methods of physically securing computer systems:


  • Building security

  • Hardware locks

  • Lock the workstation

  • Computer tracking service

  • Removable storage

  • Storage media disposal

  • Mobile devices

Students will learn how to:



  • Wipe data from a hard disk prior to disposal.

  • Configure a screen saver and require a password to lock the Windows desktop.

PC Pro Exam Objectives:

  • Configure a screen saver and require a password to unlock a Windows workstation.

A+ 220-802 Exam Objectives:

  • 2.1   Apply and use common prevention methods.

    • Physical security

      • Lock doors

      • Tailgating

      • Securing physical documents/passwords/shredding

      • Biometrics

      • Badges

      • Key fobs

      • RFID badge

      • RSA token

      • Privacy filters

      • Retinal

    • User education

  • 2.3   Implement security best practices to secure a workstation.

    • Screensaver required password

  • 2.4   Given a scenario, use the appropriate data destruction/disposal method.

    • Low level format vs. standard format

    • Hard drive sanitation and sanitation methods

      • Overwrite

      • Drive wipe

    • Physical destruction

      • Shredder

      • Drill

      • Electromagnetic

      • Degaussing tool

Lecture Focus Questions:

  • What precautions should you implement for good physical security for a building?

  • How can you prevent laptops and their components from being stolen?

  • How can you secure unattended Windows computers?

  • What measures can you implement to protect data on stolen laptops?

  • What is the difference between a user password and an administrator password set in the BIOS?

  • What is the difference between securely disposing of magnetic media and securely disposing of optical media?

Video/Demo Time



Video 12.2.1 Physical Security 19:39

Video 12.2.3 Data Disposal and Destruction 10:05

Demo 12.2.4 Wiping a Disk 7:35

Demo 12.2.5 Configuring a Screen Saver Password 5:20

Total 42:39

Lab/Activity


  • Require a Screen Saver Password

Number of Exam Questions


6 questions

Time


About 60 minutes

Section 12.3: Social Engineering

Summary


In this section students will learn how social engineering exploits human nature to convince someone to perform an activity. Concepts discussed include:


  • Examples of social engineering

  • Social engineering attacks:

    • Dumpster diving

    • Shoulder surfing

    • Piggybacking

    • Masquerading

    • Eavesdropping

    • Phishing

  • Countermeasures to social engineering



A+ 220-802 Exam Objectives:

  • 2.1   Apply and use common prevention methods.

    • User education

  • 2.2   Compare and contrast common security threats.

    • Social engineering

Lecture Focus Questions:

  • What characteristics of human nature does social engineering exploit?

  • Who is usually the target in social engineering?

  • How can dumpster diving give attackers valuable information?

  • What is the best defense against a social engineering attack?

Video/Demo Time



Video 12.3.1 Social Engineering 8:25

Number of Exam Questions


7 questions

Total Time


About 20 minutes


