LO 2 - INFORMATION SHEET - Monitor and Administer System and Network Security - ICT HNS3 05 0710

Federal Democratic Republic of Ethiopia

TVET INSTITUTE

Hardware and Network Servicing Level III

Learning Guide 2
Course Title: Computer System and Network Security
Module Title: Administering Network Infrastructure
Course Content: Secure File and Resource Access
LO2- Secure File and Resource Access

Instruction

There are multiple layers of security in a network, including physical, wireless, and data. Each layer is
subject to security attacks. The technician needs to understand how to implement security
procedures to protect equipment and data.

This learning guide is developed to provide you with the necessary information regarding the following
content coverage and topics –

• Security and Access Features of Operating System
• Security Settings Configuration
• Anti-virus Software

This guide will also assist you to attain the learning outcome stated in the cover page.

Specifically, upon completion of this Learning Guide, you will be able to –

• Secure personal computer using the Operating System security feature
• Secure WLAN (Wireless Local Area Network) using MAC address Filtering and Port Forwarding
• Implement and schedule an anti-virus scan

Learning Activities:

1. Read the specific objectives of this Learning Guide.
2. Read the information written in the “Information Sheet 1”.
3. Accomplish self-check 1 on page 6.
4. If the result of your evaluation in self-check 1 is satisfactory then you may proceed to
operation sheet 1.
5. Perform and accomplish all the tasks in operation sheet 1.
6. Once operation sheet 1 is completed, proceed to Information sheet 2.
7. Accomplish the Self-check 2 on page 20.
8. If the result of your evaluation in self-check 2 is satisfactory then you may proceed to
operation sheet 2.
9. Once operation sheet 2 is completed, proceed to Information sheet 3.
10. Accomplish self-check 3 on page 37.
11. Perform and accomplish all the tasks in operation sheet 3.
12. Complete LAP test.

NOTE: Self-check answers are on page 44

*Your teacher will evaluate your output as either satisfactory or not satisfactory. If not satisfactory,
your teacher shall advise you on additional work. But if satisfactory, you can proceed to the next
topic.
Securing File and Resource Access
Computer System and Network Security Page 2
Information Sheet – 1 Security and Access Features of Operating System

Adding layers of security on a network will make the network more secure, but can be expensive.
You must compare the value of the data and equipment to be protected with the cost of protection
when implementing the customer's security policy.

One way to contribute to the security of the network is by securing your computer system.

Security is an important feature to look for in an operating system. The operating system handles
the security of the computer and of the data stored on it. Login passwords, firewall settings, and
every other security-related aspect depend on the capabilities of the operating system. Some of the
computers on a network may take part in file sharing and other data sharing, so in such cases it is
important to have a strongly secured operating system.

A firewall is a device or set of devices designed to permit or deny network transmissions based upon
a set of rules and is frequently used to protect networks from unauthorized access while permitting
legitimate communications to pass.

Many personal computer operating systems include software-based firewalls to protect against
threats from the public Internet. Many routers that pass data between networks contain firewall
components and, conversely, many firewalls can perform basic routing functions.

FIGURE 1. An illustration of where a firewall would be located in a network

Configuring Firewall Types

A firewall selectively denies traffic to a computer or network segment. Firewalls generally work by
opening and closing the ports used by various applications. By opening only the required ports on a
firewall, you are implementing a restrictive security policy. Any packet not explicitly permitted is
denied. In contrast, a permissive security policy permits access through all ports, except those
explicitly denied. In the past, software and hardware were shipped with permissive settings. As users
neglected to configure their equipment, the default permissive settings left many devices exposed to
attackers. Most devices now ship with settings as restrictive as possible, while still allowing easy
setup.

Software Firewalls

Not all firewall software is created equal, and consumers must research firewall software based on
their individual Internet activity. Firewall software is the first and most important line of defense
against cyber-terrorism, teenage hackers, professional hackers, organized crime, email spammers,
spyware, viruses, unauthorized cookies, DoS attacks and other types of malicious software and
cyber-attacks. Knowing the types of firewall software available and the type of protection they
provide will allow the consumer to choose wisely.

Firewall Functions

Firewall software functions as the front-line of defense against unwanted probes into the
information stored on each individual computer. This includes the type of software on the system
and the custom data created by the computer owner. All firewall software provides some level of
protection against unauthorized intruders, protecting the computer from communication to and
from unauthorized connections, making the computer virtually invisible to cyber-criminals and other
intruders randomly searching the Internet for vulnerable computers or other smart appliances.

Levels of Protection

Firewall software is created with different levels of security algorithms. Microsoft Windows, for
example, comes with the most basic firewall built into the operating program. The purpose of the
Windows Firewall is to provide entry-level firewall protection until the Windows user activates the
security solutions offered by Microsoft's strategic partners, usually Norton or McAfee security
solutions.

The most advanced firewall software will protect and monitor all 65,535 communication ports,
which allow access to the Internet. Advanced firewall software will ask permission from the
computer user before any communication is approved, inside or outside the computer.

Firewall Features

The two specific features consumers should look for in their firewall software are:

1. Built-in Intrusion Detection (IDS), which alerts users when someone is attempting to access
their computer. IDS protection is similar to a home protection system; it acts as an intruder
alarm system for the computer.

2. MD5 signature verification, which is a mathematical algorithm that creates a digital
signature for programs and applications. It is one of the most powerful and reliable security
protection methods used today for checking malicious code that may have been embedded
into a trusted program or file.

Software firewalls can be either an independent application or part of the operating system. There
are several third-party software firewalls. There is also a software firewall built into Windows XP, as
shown in Figure 2.

FIGURE 2. Windows XP Firewall

Configuring the Windows XP or Windows Vista firewall can be completed in two ways:

• Automatically – The user is prompted to Keep Blocking, Unblock, or Ask Me Later for any
unsolicited requests. These requests may be from legitimate applications that have not been
configured previously or may be from a virus or worm that has infected the system.
• Manage Security Settings – The user manually adds the program or ports that are required
for the applications in use on the network. Figure 2 shows Windows Vista firewall exception.

The Windows firewall blocks all incoming network connections, except for specific programs and
services. For example, the Windows Update service and Internet Explorer are allowed through the
firewall by default. An exception, as shown in Figure 3, is a rule that opens a blocked port in the
firewall for a specific need. For instance, to allow an FTP connection you must create an exception
that will open up port 21. Each different type of connection requires a unique port number to pass
data through the firewall.

FIGURE 3. Windows Vista Firewall Exception

Self-Check 1 Written Test

Name: _________________________________ Date: ________

Directions: Choose the correct answer by encircling the letter of choice.

1. Which one of the following is a key function of a firewall?

a. Monitoring
b. Deleting
c. Copying
d. Moving

2. Which one of the following can be considered to be a hardware firewall?

a. Router
b. Hub
c. Bridge
d. Switch

3. Which of the following will NOT help secure your desktop PCs?

a. Turn on Automatic Updates
b. Turn on Windows Firewall
c. Install antivirus software
d. Open email attachments from an unknown sender

4. True or false: If you have a firewall on your network you don't need to turn on Windows Firewall.

a. True
b. False

5. True or false: If you set your antivirus software to auto-update then you don't need Windows
Automatic Updates.

a. True
b. False

6. True or false: Small businesses are not targets for hackers.

a. True
b. False

Note: Satisfactory rating – 6 points / Not satisfactory - below 6 points

Operation Sheet 1 Security and Access Features of Operating System

In this activity you will explore the Windows XP Firewall and configure some advanced settings.

Recommended Equipment

• Two computers directly connected or connected through a hub or switch
• Windows XP installed on both computers
• Computers are in the same workgroup and share the same subnet mask

Step 1 :
From computer 1, right-click the desktop, select New > Folder. Name the folder FTTI. Share
the folder, using the default name FTTI.

From computer 2, open My Network Places > select View workgroup computers and connect
to computer 1.

Can you see the shared folder FTTI? _______________

Note: If you answered no, inform the instructor.

Close My Network Places.

Note: Use computer 1 for the rest of the lab unless otherwise stated.

Step 2 :
Navigate to the Windows XP Firewall:

Click Start > Control Panel > Security Center.

The Firewall indicator shows the status of the firewall. The normal setting is “ON”.

Access Windows firewall by clicking Windows Firewall at the bottom of the window.

Step 3 :
The Windows Firewall window opens.

In the space below, state why turning off the Windows Firewall is not advised.

Step 4 :

From the Windows Firewall window select the Exceptions tab. Programs and services that
Windows Firewall is not blocking will be listed with a checkmark.

You can add applications to this list. This may be necessary if your customer has an
application that requires outside communications but for some reason the Windows Firewall
cannot perform the configuration automatically. You must be logged on to this computer as
an administrator to complete this procedure.

Click What are the risks of allowing exceptions?

Creating too many exceptions in your Programs and Services file can have negative
consequences. Describe a negative consequence to having too many exceptions.

Close the Help and Support Center window.

Step 5 :

From computer 1:

To turn off an exception, remove the check mark from File and Printer Sharing > OK.

From computer 2:

Open My Network Places > View workgroup computers and connect to computer 1.

Can you connect to computer 1? _____________

NOTE: If your answer is NO, troubleshoot your connection.

From computer 1:

To turn on an exception, add a check mark to File and Printer Sharing > OK.

From computer 2:

Refresh My Network Places and connect to computer 1.

Can you connect to computer 1? ______________

NOTE: If your answer is NO, troubleshoot your connection.

Log off computer 2. Use computer 1 for the rest of the lab.

Step 6 :

From the Windows Firewall control menu select the Advanced tab to view the Network
Connection Settings. Network Connection Settings displays the different connections
configured for your computer.

Click the Settings button in the Network Connection Settings area. The Advanced
Settings window has two tabs: Services and ICMP. Click the Services tab.

In the space below, list the services that are available.

Step 7 :

There are many applications that users do not normally see that also need to get through
the Windows Firewall to access your computer. These are the network level commands that
direct traffic on the network and the Internet.

Under the ICMP heading, click the Settings button. You will see the menu where ICMP
exceptions are configured.

In the example here, allowing incoming echo requests is what allows network users to ping
your computer to determine if it is present on the network and how fast information travels
to and from it.

In the space below, list the requests for information that your computer will respond to.

Close all windows.

Information Sheet – 2 Security Settings Configuration

A network has many different types of security settings. Technicians must configure security settings
for folders and files, wireless devices and clients, and hardware and software firewalls.

Permission Levels for Folders and Files

Permission levels are configured to limit individual or group user access to specific data. Both FAT
and NTFS allow folder sharing and folder-level permissions for users with network access. Folder
permissions are shown in Figure 1. The additional security of file-level permissions is provided with
NTFS. File-level permissions are shown in Figure 2.

FIGURE 1. Folder Permission

FIGURE 2. File Permission

When configuring network share permissions for a computer that has NTFS, you must create a
network share and assign shared permissions to users or groups. Only users and groups with both
NTFS permissions and shared permissions can access a network share.

File and network share permissions can be granted to individuals or through membership within a
group. If an individual or a group is denied permissions to a network share, this denial overrides any
other permission given. For example, if you deny someone permission to a network share, the user
cannot access that share, even if the user is the administrator or part of the administrators group.
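
The two rules above (access needs both permission lists, and a deny overrides any allow) can be worked through for several users at once. The following is an added example, not part of the original learning guide; the access levels are simplified to four steps, a deny is treated as denying all access, and every user and group name is hypothetical.

```python
from dataclasses import dataclass, field

# Simplified access levels, weakest to strongest (constructed for this example).
LEVELS = {"none": 0, "read": 1, "change": 2, "full": 3}
NAMES = {value: name for name, value in LEVELS.items()}


@dataclass
class Acl:
    """One permission list: either the share permissions or the NTFS permissions."""
    allow: dict = field(default_factory=dict)  # user or group -> level name
    deny: set = field(default_factory=set)     # users or groups that are denied

    def level_for(self, principals):
        # A deny on the user, or on any group the user belongs to, overrides
        # every allow entry, including one for the administrators group.
        if self.deny & principals:
            return LEVELS["none"]
        # Allow entries accumulate across groups: the highest grant applies.
        granted = [LEVELS[self.allow[p]] for p in principals if p in self.allow]
        return max(granted, default=LEVELS["none"])


def effective_access(user, groups, share_acl, ntfs_acl):
    """Network access needs both lists; the more restrictive result wins."""
    principals = {user} | set(groups)
    share_level = share_acl.level_for(principals)
    ntfs_level = ntfs_acl.level_for(principals)
    return NAMES[min(share_level, ntfs_level)]


# Constructed sample: permissions on a share, with hypothetical users and groups.
SHARE_ACL = Acl(
    allow={"Students": "read", "Teachers": "full", "Administrators": "full"},
    deny={"Guests"},
)
NTFS_ACL = Acl(
    allow={"Teachers": "change", "Administrators": "full", "auditor": "read"},
)

MEMBERSHIPS = {
    "abebe": ["Students"],                      # share permission only
    "sara": ["Teachers"],                       # both lists, different levels
    "auditor": [],                              # NTFS permission only
    "admin": ["Administrators"],                # both lists, full control
    "tempadmin": ["Administrators", "Guests"],  # administrator caught by a deny
}


def report():
    """Effective access over the network for every sample user."""
    return {
        user: effective_access(user, groups, SHARE_ACL, NTFS_ACL)
        for user, groups in MEMBERSHIPS.items()
    }


if __name__ == "__main__":
    for user, level in report().items():
        print(f"{user:10} -> {level}")
```

When auditing a real share, the rows to look for are the ones like `abebe` and `auditor`: an entry in only one of the two lists gives no network access, which is a common cause of "access denied" reports.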

Securing a network includes the proper selection and configuration of several different technologies.
Some of these technologies, which are shown in Figure 3, are used to configure wireless security.
The type of security needed by the network will indicate which security technologies must be
enabled and configured in each network device.

FIGURE 3. Wireless Security Configuration

Wireless Antennae

The gain and signal pattern of the antenna connected to a wireless access point can influence where
the signal can be received. Avoid transmitting signals outside of the network area by installing an
antenna with a pattern that serves your network users.

Network Device Access Permissions

Many wireless devices built by a specific manufacturer have the same default username and
password for accessing the wireless configuration. If left unchanged, unauthorized users can easily
log on to the access point and modify the settings. When you first connect to the network device,
change the default username and password. Some devices allow you to change both the username
and the password, while others only allow you to change the password.

Wireless Security Modes

Most wireless access points support several different security modes. The most common ones are:

• Wired Equivalent Privacy (WEP) – This encrypts the broadcast data between the wireless
access point and the client using a 64-bit or 128-bit encryption key. Figure 4 shows the WEP
configuration.

• Wi-Fi Protected Access (WPA) – This is an improved version of WEP. It was created as a
temporary solution until 802.11i became ratified. Now that 802.11i has been ratified, WPA2
has been released. It covers the entire 802.11i standard. WPA uses much stronger
encryption than WEP encryption.

• Wi-Fi Protected Access 2 (WPA2) – This is an improved version of WPA. WPA2 supports
robust encryption, which provides government-grade security. WPA2 can be enabled with
password authentication (Personal) or server authentication (Enterprise).

• Lightweight Extensible Authentication Protocol (LEAP), also called EAP-Cisco – This is a
wireless security protocol created by Cisco to address the weaknesses in WEP and WPA.

FIGURE 4. WEP

SSID

A wireless access point broadcasts the SSID by default so that wireless devices can detect the
wireless network. You can disable SSID broadcasting on a wireless network to prevent the wireless
access point or router from revealing the name of the wireless network.

Disabling SSID broadcasting can make it more difficult for legitimate clients to find the wireless
network. Manually enter the SSID on wireless devices to connect to the wireless network when the
SSID broadcast has been disabled on the wireless router or access point. Simply turning off the SSID
broadcast is not sufficient to prevent unauthorized clients from connecting to the wireless network.
Instead of turning off the SSID broadcast, use stronger encryption such as WPA or WPA2.

MAC Address Filtering

MAC address filtering is a technique used to deploy device-level security on a wireless LAN. Because
every wireless client has a unique MAC address, wireless access points can prevent wireless clients
from connecting to the wireless network if they do not have authorized MAC addresses. MAC
address filtering, as shown in Figure 5, is vulnerable to attack when used alone and should be
combined with other security techniques.

FIGURE 5. MAC Address Filtering

The MAC address of a wireless NIC can be found by typing ipconfig /all at the command prompt. For
devices other than computers, the MAC address can usually be found on the label of the device or
within the manufacturer’s instructions. On wireless networks with a large number of clients, MAC
address filtering can become tedious because you must enter each MAC address in the filter.

MAC address filtering is not a strong layer of security. Instead of using MAC address filtering, use
stronger encryption techniques such as WPA or WPA2.

Firewalls

A firewall is a device or application installed on a network to protect it from unauthorized users and
malicious attacks. A software firewall is software installed on a computer to block specific incoming
or outgoing traffic. For example, a firewall that is configured to block outgoing traffic on port 21 will
not allow the computer to connect to a standard FTP server. The firewall can be configured to block
multiple individual ports, a range of ports, or even traffic specific to an application.

The Linksys WRT300N wireless router is also a hardware firewall. A hardware firewall isolates your
network from other networks. A hardware firewall will pass two different types of traffic into your
network:

• Traffic that originates from inside your network
• Traffic destined for a port that you have intentionally left open

There are several types of hardware firewall configurations:

• Packet filter – This configuration does not allow packets to pass through the firewall, unless
they match the established rule set configured in the firewall. Traffic can be filtered based
on many attributes, such as source IP address, source port or destination IP address or port,
and destination services such as WWW or FTP.
• Application layer – This configuration intercepts all packets traveling to or from an
application. It prevents all unwanted outside traffic from reaching protected devices.
• Proxy – This configuration intercepts all traffic between computers and different networks
and uses established rules to determine if data requests should be allowed.
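
The packet filter configuration, and the restrictive and permissive policies described earlier under Configuring Firewall Types, can be compared on one small rule engine. This is an added example, not part of the original learning guide; the addresses, rule lists and list of checked ports are constructed, and the first matching rule is assumed to decide.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    protocol: str  # "tcp" or "udp"
    dst_port: int


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    protocol: Optional[str] = None  # None matches any value
    src_net: Optional[str] = None
    dst_net: Optional[str] = None
    dst_port: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        if self.protocol and self.protocol != pkt.protocol:
            return False
        if self.dst_port is not None and self.dst_port != pkt.dst_port:
            return False
        if self.src_net and ipaddress.ip_address(pkt.src_ip) not in ipaddress.ip_network(self.src_net):
            return False
        if self.dst_net and ipaddress.ip_address(pkt.dst_ip) not in ipaddress.ip_network(self.dst_net):
            return False
        return True


class PacketFilter:
    def __init__(self, rules, default):
        if default not in ("allow", "deny"):
            raise ValueError("default policy must be 'allow' or 'deny'")
        self.rules = list(rules)
        self.default = default

    def decide(self, pkt: Packet) -> str:
        # First matching rule decides; otherwise the default policy applies.
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action
        return self.default


def exposed_ports(fw, dst_ip, ports, src_ip="203.0.113.50"):
    """TCP ports on dst_ip that the filter lets through from src_ip."""
    return [p for p in ports if fw.decide(Packet(src_ip, dst_ip, "tcp", p)) == "allow"]


# Constructed sample values (documentation and private address ranges).
SERVER = "192.168.0.10"
PARTNER = "198.51.100.7"
CHECKED_PORTS = [21, 23, 80, 139, 445, 3389]

# Restrictive: only listed exceptions pass. FTP is limited to one source network.
RESTRICTIVE = PacketFilter(
    [
        Rule("allow", "tcp", src_net="198.51.100.0/24", dst_net="192.168.0.10/32", dst_port=21),
        Rule("allow", "tcp", dst_net="192.168.0.10/32", dst_port=80),
    ],
    default="deny",
)

# Permissive: everything passes unless someone remembered to block it.
PERMISSIVE = PacketFilter([Rule("deny", "tcp", dst_port=23)], default="allow")

if __name__ == "__main__":
    print("restrictive, any source:    ", exposed_ports(RESTRICTIVE, SERVER, CHECKED_PORTS))
    print("restrictive, partner source:", exposed_ports(RESTRICTIVE, SERVER, CHECKED_PORTS, PARTNER))
    print("permissive, any source:     ", exposed_ports(PERMISSIVE, SERVER, CHECKED_PORTS))
```

Under the permissive default, file sharing and remote desktop ports are reachable even though no rule mentions them, which is the exposure the default-deny setting removes.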

Port Forwarding and Port Triggering

Hardware firewalls are mainly used to block ports to prevent unauthorized access in and out of a
LAN. However, there are situations when specific ports must be opened so that certain programs
and applications can function properly. Port forwarding is a rule-based method of directing traffic
between devices on separate networks. When traffic reaches the router, the router determines if
the traffic should be forwarded to a certain device based upon the port number found with the
traffic. For example, port numbers are associated with specific services such as FTP, HTTP, HTTPS,
and POP3. The rules determine which traffic will be sent onto the LAN. For example, a router might
be configured to forward port 80, which is associated with the HTTP protocol. If the router then
receives a packet with the destination port of 80, the router will forward this traffic to a web server
inside the network.

Port triggering allows the router to temporarily forward data through inbound ports to a specific
device. You can use port triggering to forward data to a computer only when a designated port range
is used to make an outbound request.

For example, a video game might use ports 27000 to 27100 for connecting with other players. These
are the trigger ports. A chat client might use port 56 for connecting the same players so that they
can interact with each other. An example of a port triggering rule is when any gaming traffic uses an
outbound port that is within the triggered port range, inbound chat traffic on port 56 will be
forwarded to the computer that is being used to play the video game and chat with friends. When
the game is over and the triggered ports are no longer in use, port 56 will no longer be allowed to
send traffic of any type to this computer.
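
The difference between the two mechanisms is easiest to see as router state over time. The sketch below is an added example, not part of the original learning guide and not the Linksys firmware's logic; it uses the port numbers from the text (80, 27000 to 27100, and 56), while the LAN addresses and the 600-second idle timeout are assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class ForwardRule:
    ext_port: int
    lan_host: str


@dataclass(frozen=True)
class TriggerRule:
    trigger_lo: int
    trigger_hi: int
    fwd_lo: int
    fwd_hi: int


class Router:
    def __init__(self, forwards, triggers, idle_timeout=600):
        self.forwards = {f.ext_port: f.lan_host for f in forwards}
        self.triggers = list(triggers)
        self.idle_timeout = idle_timeout  # assumed value, in seconds
        self.active = {}                  # TriggerRule -> (lan_host, last_outbound)

    def outbound(self, lan_host, dst_port, now):
        """A LAN host sends traffic out; arm any trigger whose range matches."""
        for rule in self.triggers:
            if rule.trigger_lo <= dst_port <= rule.trigger_hi:
                self.active[rule] = (lan_host, now)

    def inbound(self, dst_port, now):
        """Return the LAN host that receives the packet, or None if dropped."""
        # Port forwarding: a static rule, open whether or not anyone uses it.
        if dst_port in self.forwards:
            return self.forwards[dst_port]
        # Port triggering: open only while the trigger ports are in use.
        for rule, (host, last) in list(self.active.items()):
            if now - last > self.idle_timeout:
                del self.active[rule]
                continue
            if rule.fwd_lo <= dst_port <= rule.fwd_hi:
                return host
        return None


# Constructed LAN addresses for the web server and the gaming computer.
WEB_SERVER = "192.168.0.10"
GAMING_PC = "192.168.0.20"


def run_scenario():
    router = Router(
        forwards=[ForwardRule(80, WEB_SERVER)],
        triggers=[TriggerRule(27000, 27100, 56, 56)],
    )
    results = {}
    results["http_before"] = router.inbound(80, now=0)      # forwarded at all times
    results["chat_before"] = router.inbound(56, now=0)      # no game running yet
    router.outbound(GAMING_PC, 27015, now=10)               # game starts
    results["chat_during"] = router.inbound(56, now=20)     # opened by the trigger
    results["other_during"] = router.inbound(57, now=20)    # outside forwarded range
    results["chat_after"] = router.inbound(56, now=700)     # idle too long, closed
    results["http_after"] = router.inbound(80, now=700)     # static rule still open
    return results


if __name__ == "__main__":
    for step, host in run_scenario().items():
        print(f"{step:13} -> {host}")
```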

Self-Check 2 Written Test

Name: _________________________________ Date: ________

Directions: Choose the correct answer by encircling the letter of choice.

1. Is a device or application installed on a network to protect it from unauthorized users and
malicious attacks.

a. MAC address filtering
b. Firewall
c. Port Forwarding
d. Port triggering

2. Is a technique used to deploy device-level security on a wireless LAN

a. MAC address filtering
b. Firewall
c. Port Forwarding
d. Port triggering

3. Allows the router to temporarily forward data through inbound ports to a specific device

a. MAC address filtering
b. Firewall
c. Port Forwarding
d. Port Triggering

4. Is a rule-based method of directing traffic between devices on separate networks.

a. MAC address filtering
b. Firewall
c. Port Forwarding
d. Port Triggering

5. This configuration intercepts all traffic between computers and different networks and uses
established rules to determine if data requests should be allowed

a. Packet Filtering
b. Application Layer
c. Proxy
d. SSID

Note: Satisfactory rating – 5 points / Not satisfactory - below 5 points

Operation Sheet 2 Security Settings Configuration

In this activity, you will configure and test the wireless settings on the Linksys WRT300N.

Recommended Equipment

• Two computers with Windows XP or Windows Vista
• An Ethernet NIC installed in computer 1
• A Wireless NIC installed in computer 2
• Linksys WRT300N Wireless Router
• Ethernet patch cable

Step 1 :

Ask the instructor for the following information:

Default Login Information:
User Name (if any) _____________________________________
Password ____________________________________________
Basic Wireless Settings:
Network Name (SSID) __________________________________

Important: Only use configurations assigned by the instructor.

Note: use computer 1 for all lab instructions unless stated.

Step 2 :

Connect computer 1 to one of the Ethernet ports on the wireless router with an Ethernet patch
cable.
Plug in the power of the wireless router. Boot the computer and log in as an administrator.

Step 3 :

Open the command prompt.

Type ipconfig.

What is the IP address for the computer? ___________________

What is the default gateway for the computer? __________________

NOTE: If default gateway IP address is not 192.168.0.1, RESET the wireless Router.

Step 4 :

Open a Browser (Internet Explorer or Mozilla) and connect to the wireless router.

Type “admin” in the “Password:” field.

The Setup screen appears. Click Wireless tab.

Step 5 :

Click Wireless Security tab, then for Security Mode select WPA2 Personal.

Set the following settings:

• Encryption – AES
• Pre-shared Key – Ftti123456789
• Key Renewal – 3600

Click Save Settings > Continue

Keep Internet Explorer open to the Linksys router

Step 6 :

Log in to computer 2, the wireless computer, as the administrator.

Connect to the wireless network. If asked for a security key or passphrase enter:
Ftti123456789

Open the command prompt.

Type ipconfig /all.

What is the physical address of the wireless NIC? ____________________________________

Type ping IP address, where IP address is the IP address of computer 1.

Was the ping successful? _____________

NOTE: Keep the command prompt window open.

Step 7 :

From computer 1, make sure Internet Explorer is active.

Under the Wireless tab click Wireless MAC Filter.

Select Enabled > Prevent > click Wireless Client List button.

Step 8 :

Select Save to MAC Address Filter List check box for computer 2.

Click Add.

The Wireless MAC Filter window opens.

Click Save Settings > Continue.

Step 9 :

From computer 2:

In the command prompt window type ping IP address, where IP address is the IP address of
computer 1.

Was the ping successful? _________________

NOTE: If the ping is NOT successful then ______________________

Step 10 :

From computer 1, click the browser so it is activated.

Click Administration on the main tab bar.

Highlight the Router Password, type ICTFTTI. Type the same password in Re-enter to
confirm.

Click Cancel Changes. Do not save the new password.

Step 11 :

Click Security on the main tab bar.

By default SPI Firewall Protection is Enabled.

What Internet Filters are activated? ______________________________

What Web Filters are activated? _________________________________

Step 12 :

Click Applications & Gaming on the main tab bar.

Click Single Port Forwarding.

To forward an otherwise blocked port to a specific computer, select Application Name FTP.

Type the last octet of the IP address for the computer and then click Enabled checkbox.

Click Cancel Changes. Do not save the new setting.

Step 13 :

Click Port Range Triggering.

To open an otherwise blocked port, type in the application name IRC.

Then type the Triggered Range 6660 to 7000, Forwarded Range 113 to 113 and then
click Enabled checkbox.

Click Cancel Changes. Do not save the new setting.

Step 14 :

From computer 1, click Wireless tab.

Click Wireless MAC Filter > Disable.

Click Save Settings > Continue.

Information Sheet – 3 Anti-virus Software

Viruses, worms, and Trojan horses can cause serious problems on networks and end systems.

A virus is malicious code that is attached to legitimate programs or executable files. Most viruses
require end-user activation and can lie dormant for an extended period and then activate at a
specific time or date. A simple virus may install itself at the first line of code in an executable file.
When activated, the virus might check the disk for other executables, so that it can infect all the files
it has not yet infected. Viruses can be harmless, such as those that display a picture on the screen, or
they can be destructive, such as those that modify or delete files on the hard drive. Viruses can also
be programmed to mutate to avoid detection.

FIGURE 1. Computer Virus

In the past, viruses were usually spread via floppy disks and computer modems. Today, most viruses
are spread by USB memory sticks, CDs, DVDs, network shares, or email. Email viruses are now the
most common type of virus.

Worms are a particularly dangerous type of hostile code. They replicate themselves by
independently exploiting vulnerabilities in networks. Worms usually slow down networks.

Whereas a virus requires a host program to run, worms can run by themselves. They do not require
user participation and can spread extremely fast over the network.

Worms are responsible for some of the most devastating attacks on the Internet. For example, the
SQL Slammer Worm of January 2003 slowed down global Internet traffic as a result of Denial of
Service. Over 250,000 hosts were affected within 30 minutes of its release. The worm exploited a
buffer overflow bug in Microsoft's SQL Server. A patch for this vulnerability was released in mid-2002,
so the servers that were affected were those that did not have the update patch applied. This
is a great example of why it is so important for the security policy of an organization to require
timely updates and patches for operating systems and applications.

FIGURE 2. SQL Slammer Worm

The term Trojan Horse originated from Greek mythology. Greek warriors offered the people of Troy
(Trojans) a giant hollow horse as a gift. The Trojans brought the giant horse into their walled city,
unaware that it contained many Greek warriors. At night, after most Trojans were asleep, the
warriors burst out of the horse and overtook the city.

A Trojan Horse in the world of computing is malware that carries out malicious operations under the
guise of a desired function. A virus or worm could carry a Trojan Horse. A Trojan Horse contains
hidden, malicious code that exploits the privileges of the user that runs it. Games can often have a
Trojan Horse attached to them. When running the game, the game works, but in the background,
the Trojan Horse has been installed on the user's system and continues running after the game has
been closed.

The Trojan Horse concept is flexible. It can cause immediate damage, provide remote access to the
system (a back door), or perform actions as instructed remotely, such as "send me the password file
once per week."

FIGURE 3. Trojan Horses

Custom-written Trojan Horses, such as Trojan Horses with a specific target, are difficult to detect.

Trojan Horses are usually classified according to the damage that they cause or the manner in which
they breach a system:

• Remote-access Trojan Horse (enables unauthorized remote access)
• Data sending Trojan Horse (provides the attacker with sensitive data such as passwords)
• Destructive Trojan Horse (corrupts or deletes files)
• Proxy Trojan Horse (user's computer functions as a proxy server)
• FTP Trojan Horse (opens port 21)
• Security software disabler Trojan Horse (stops anti-virus programs or firewalls from
functioning)
• Denial of Service Trojan Horse (slows or halts network activity)

Network administrators have several means of mitigating these attacks.

Note that mitigation techniques are often referred to in the security community as
countermeasures.
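One host-side countermeasure check for the Trojan Horse classes above that open a listening port (for example the FTP Trojan Horse on port 21), as an added example that is not part of the original guide. The `netstat -ano` sample, the baseline port set and the function name are constructed assumptions; a listener on port 21 can also be a legitimate FTP server, which is why the check compares against a per-host baseline.

```python
import re

# Constructed sample of Windows `netstat -ano` output (not from the guide).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING       3120
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:49712     203.0.113.5:443        ESTABLISHED     2216
  TCP    [::]:31337             [::]:0                 LISTENING       5012
  UDP    0.0.0.0:123            *:*                                    1032
"""

# Assumed baseline: TCP ports this workstation is expected to listen on.
EXPECTED_TCP_LISTENERS = {135, 139, 445}

# Matches only TCP rows in the LISTENING state; the last colon splits address and port.
LINE_RE = re.compile(
    r"^\s*TCP\s+(?P<local>\S+):(?P<port>\d+)\s+\S+\s+LISTENING\s+(?P<pid>\d+)\s*$"
)

def unexpected_listeners(netstat_text, expected_ports):
    """Return sorted (port, pid, local_address) for TCP listeners outside the baseline."""
    findings = set()
    for line in netstat_text.splitlines():
        m = LINE_RE.match(line)
        if m is None:
            continue  # header, UDP row, or a connection that is not listening
        port = int(m.group("port"))
        if port not in expected_ports:
            findings.add((port, int(m.group("pid")), m.group("local")))
    return sorted(findings)

if __name__ == "__main__":
    for port, pid, addr in unexpected_listeners(SAMPLE_NETSTAT, EXPECTED_TCP_LISTENERS):
        note = " (FTP control port)" if port == 21 else ""
        print(f"unexpected listener on {addr}:{port}{note}, PID {pid}")
```

The PID in each finding is the starting point for identifying the program that opened the port.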

The primary means of mitigating virus and Trojan horse attacks is anti-virus software. Anti-virus
software helps prevent hosts from getting infected and spreading malicious code. It requires much
more time to clean up infected computers than it does to maintain up-to-date anti-virus software
and anti-virus definitions on the same machines.

Anti-virus software is the most widely deployed security product on the market today. Several
companies that create anti-virus software, such as Symantec, Computer Associates, McAfee, and
Trend Micro, have been in the business of detecting and eliminating viruses for more than a decade.
Many corporations and educational institutions purchase volume licensing for their users. The users
are able to log in to a website with their account and download the anti-virus software on their
desktops, laptops, or servers.

FIGURE 4. Antivirus Software

Anti-virus products have update automation options so that new virus definitions and new software
updates can be downloaded automatically or on demand. This practice is the most critical
requirement for keeping a network free of viruses and should be formalized in a network security
policy.

Anti-virus products are host-based. These products are installed on computers and servers to detect
and eliminate viruses. However, they do not prevent viruses from entering the network, so a
network security professional needs to be aware of the major viruses and keep track of security
updates regarding emerging viruses.

Self-Check 3 Written Test

Name: ___________________________________ Date: ________

Directions: Choose the correct answer by encircling the letter of choice.

1. They replicate themselves by independently exploiting vulnerabilities in networks.

a. Virus
b. Worms
c. Trojan Horse

2. Is a malicious code that is attached to legitimate programs or executable files.

a. Virus
b. Worms
c. Trojan Horse

3. Can also be programmed to mutate to avoid detection.

a. Virus
b. Worms
c. Trojan Horse

4. Usually slow down networks.

a. Virus
b. Worms
c. Trojan Horse

5. A malware that carries out malicious operations under the guise of a desired function.

a. Virus
b. Worms
c. Trojan Horse

6. It can cause immediate damage, provide remote access to the system (a back door), or perform
actions as instructed remotely, such as "send me the password file once per week."

a. Virus
b. Worms
c. Trojan Horse

Note: Satisfactory rating – 6 points / Not satisfactory - below 6 points

Operation Sheet 3 AVG Scanning Options

AVG offers a wide choice of scanning options; you can scan any part of the computer you like, and
extensive scanning settings allow you to tailor the scans to your needs.

To easily check any part of your computer for viruses and malware, the following scans have been
predefined by the manufacturer:

• Whole computer scan
• Specific files or folders scan
• Shell extension scan
• Removable device scan
• Scan from command line

The Whole computer scan and Specific files or folders scan can be edited and launched from the
Main Screen -> Computer scanner. The screen also offers scheduling options and additional
buttons to view the Scan history or the contents of the Virus Vault.

In this activity, you will implement and schedule an anti-virus scan using AVG version 9.0.

Step 1: Click Manage Scheduled Scans option

Step 2: Click Add scan schedule button

The next window will appear.

Step 3: Tick the Enable this link option

Step 4: Under schedule running, choose Run at a specific time interval option and Selected days
_________ at ____________

Step 5: Under advanced schedule options, tick Run on computer startup if task has been missed

Step 6: Click the Save button
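The decision behind the options in Steps 4 and 5, worked through as an added example that is not part of the original guide and is not AVG's own code: given the selected days and time, it finds the most recent scheduled slot and reports whether that slot passed without a completed scan, which is the case the "Run on computer startup if task has been missed" option covers. The function names and the dates are constructed assumptions.

```python
from datetime import datetime, timedelta

def last_scheduled_slot(now, days, hour, minute):
    """Most recent scheduled start at or before `now`.

    `days` is a set of weekday numbers (Monday=0 ... Sunday=6), standing in
    for the "Selected days ... at ..." choice in Step 4.
    """
    if not days:
        raise ValueError("schedule has no selected days")
    # Today plus the previous 7 days always contains a slot of a weekly schedule.
    for back in range(8):
        day = now - timedelta(days=back)
        slot = day.replace(hour=hour, minute=minute, second=0, microsecond=0)
        if slot.weekday() in days and slot <= now:
            return slot
    raise ValueError("weekday numbers must be in the range 0-6")

def scan_missed(boot_time, last_completed_scan, days, hour, minute):
    """True if a scheduled slot has passed since the last completed scan."""
    slot = last_scheduled_slot(boot_time, days, hour, minute)
    return last_completed_scan is None or last_completed_scan < slot

if __name__ == "__main__":
    # Constructed case: scans scheduled Monday, Wednesday, Friday at 12:00.
    days = {0, 2, 4}
    last_scan = datetime(2010, 3, 1, 12, 10)  # Monday's scan completed
    boot = datetime(2010, 3, 4, 8, 30)        # PC was off Wednesday, boots Thursday
    print(scan_missed(boot, last_scan, days, 12, 0))  # True
```

Without the catch-up option, a computer that is regularly switched off at the scheduled time would skip every scan while still appearing to have a schedule configured.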

LAP Test Practical Test

Name: _____________________________ Date: _______________________


Time started: ________________________ Time finished: ________________

Instructions: You are required to answer the following individually in the presence of your
teacher.

A. In this activity, you will use the Internet, a newspaper, or a local store to gather information
about third-party anti-virus software.

Using the Internet, a newspaper, or a local store, research 2 different anti-virus software
applications. Based on your research, complete the table below.

Company / Software Name | Website URL | Software Features | Subscription Length (Month / Year / Lifetime) | Cost

B. Which anti-virus software would you purchase? List reasons for your selection

C. Explain why network professionals recommend scheduling anti-virus scans.

NOTE: THE FOLLOWING QUESTIONS SHOULD BE ANSWERED WITHOUT THE AID OF THE INTERNET

D. List the steps to disable echo request traffic on a computer running the Windows XP
operating system.

E. Among the wireless security modes, which is the most secure? Why?

ANSWER KEY

• Self-check 1

1. A
2. A
3. D
4. B
5. B
6. B

• Self-check 2

1. B
2. A
3. D
4. C
5. C

• Self-check 3

1. B
2. A
3. A
4. B
5. C
6. C
