Check Your Understanding—Access Control (39.2.12)
Refer to the online course to complete this activity.
Video—Configure Access Control (39.2.13)
Refer to the online course to view this video.
Packet Tracer—Configure Access Control (39.2.14)
In the following Packet Tracer activity, you will complete the following objectives:
- Part 1: Configure and Use AAA Authentication Credentials
- Part 2: Configure and Use Email Services
- Part 3: Configure and Use FTP Services
Refer to the online course to complete this Packet Tracer.
Defending Systems and Devices (39.3)
All aspects of the network must be protected for the network to be secure. This includes end devices and intermediary devices, hardware, and software.
Operating System Security (39.3.1)
What does an organization need to do to harden an operating system and keep it secure?
A Good Administrator
A good administrator will configure the operating system to protect against outside threats. That means removing any unnecessary programs and services, and making sure that security patches and updates are installed in a timely manner to correct faults and mitigate risks.
A Systematic Approach
It’s important to have a systematic approach in place for addressing system updates. An organization should:
- Establish procedures for monitoring security-related information.
- Evaluate updates for applicability.
- Plan the installation of application updates and patches.
- Install updates using a documented plan.
A Baseline
Another critical way to secure an operating system is to identify potential vulnerabilities. To do this, establish a baseline, then compare how the system is actually performing against those baseline expectations.
Activity—What Do You Know About Antimalware? (39.3.2)
Refer to the online course to complete this activity.
Types of Antimalware (39.3.3)
You’ve identified types of antimalware that can be used to protect end devices, but there’s more to learn. Let’s go through some important points to remember about antimalware.
Watch Out for Rogue Antivirus Products
Be cautious of malicious rogue antivirus products that appear while browsing the Internet. Most of these display an ad or popup that looks like an actual Windows warning. They warn that malware is infecting the computer and prompt the user to clean it. But they do not come from legitimate sources, and clicking anywhere inside the window may download and install malware instead.
Fileless Attacks Are Difficult to Detect and Remove
Fileless malware uses legitimate programs to infect a computer. Going straight into memory, this type of malware doesn’t rely on files, so it leaves no footprint. A fileless attack ends when the system is rebooted. Fileless viruses use scripting languages such as Windows PowerShell and are hard to detect.
Scripting languages such as Python, Bash (the command-line language for Apple’s macOS and most Linux distributions), or Visual Basic for Applications (or VBA, used in Microsoft macros) can be used to create scripts that are malware.
Always Remove Unapproved Software
Unapproved or non-compliant software may be unintentionally installed on a computer. Users may also intentionally install unauthorized programs. Although unapproved software may not be malicious, it can still violate the security policy and interfere with the organization’s software or network services. Non-compliant software should be removed immediately.
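The baseline comparison and the unapproved-software check described above can be automated. The following is an added example, not part of the original course material; the package names, versions, and the "name version" inventory format are constructed for illustration.

```python
"""Compare a host's software inventory against an approved baseline (constructed data)."""

def parse_version(text):
    """Turn '124.0.10' into (124, 0, 10) so versions compare numerically, not as strings."""
    parts = [int(part) for part in text.split(".")]
    while len(parts) > 1 and parts[-1] == 0:   # treat 9.6 and 9.6.0 as the same release
        parts.pop()
    return tuple(parts)

def parse_inventory(lines):
    """Parse 'name version' lines into {name: version}; skip blanks and '#' comments."""
    inventory = {}
    for line in lines.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, version = line.split()
        inventory[name.lower()] = version
    return inventory

def compare_to_baseline(baseline, current):
    """Return drift between the approved baseline and what is installed now."""
    report = {"unapproved": [], "missing": [], "below_baseline": []}
    for name, version in sorted(current.items()):
        if name not in baseline:
            report["unapproved"].append(name)          # not on the approved list
        elif parse_version(version) < parse_version(baseline[name]):
            report["below_baseline"].append((name, version, baseline[name]))
    report["missing"] = sorted(set(baseline) - set(current))  # required but absent
    return report

# Constructed sample: approved software with the minimum patched version of each.
BASELINE = """
# name          minimum-version
remote-access   9.6
browser         124.0.10
av-agent        7.1.0
"""
# Constructed sample: what one workstation actually has installed.
CURRENT = """
remote-access   9.6.0
browser         124.0.9
torrent-client  4.5
"""

if __name__ == "__main__":
    report = compare_to_baseline(parse_inventory(BASELINE), parse_inventory(CURRENT))
    for finding, items in report.items():
        print(f"{finding}: {items}")
```

Here the browser is flagged as below baseline even though "124.0.9" sorts after "124.0.10" as text, which is why versions are compared as numbers.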