Chapter 7: Security (Core 2 – 220-1202)
7.1 Security Fundamentals
What is Security?
Security protects:
- Systems
- Networks
- Data
from unauthorized access, damage, or theft.
CIA Triad (FOUNDATIONAL CONCEPT)
| Principle | Description |
|---|---|
| Confidentiality | Data is private |
| Integrity | Data is not altered |
| Availability | Data is accessible |
7.2 Types of Threats & Malware
Malware Types (MEMORIZE)
Virus
- Attaches to files
- Spreads when executed
Worm
- Self-replicates across networks
- No user action needed
Trojan
- Disguised as legitimate software
Ransomware
- Locks data until payment
Spyware
- Tracks user activity
Keylogger
- Records keystrokes
Rootkit
- Hides deep in OS
7.3 Social Engineering Attacks
Common Attacks
Phishing
- Fake emails to steal data
Spear Phishing
- Targeted phishing attack
Impersonation
- Pretending to be trusted person
Vishing
- Voice phishing (phone calls)
Smishing
- SMS phishing
Baiting
- Leaving infected USB drives
Prevention:
- Verify identity
- Avoid suspicious links
- User education
7.4 Authentication & Access Control
Authentication Factors
| Type | Example |
|---|---|
| Something you know | Password |
| Something you have | Token |
| Something you are | Fingerprint |
MFA (Multi-Factor Authentication)
- Uses 2+ factors
- Stronger security
Access Control Models
| Model | Description |
|---|---|
| Least Privilege | Minimum access needed |
| Role-Based (RBAC) | Based on job role |
7.5 Wireless Security
Encryption Types
| Type | Security Level |
|---|---|
| WEP | Weak ❌ |
| WPA | Better |
| WPA2 | Strong ✅ |
| WPA3 | Strongest ✅ |
Best Practices:
- Change default SSID
- Use strong passwords
- Disable SSID broadcast (optional)
7.6 Mobile Device Security
Key Features:
- Screen lock
- Biometrics
- Remote wipe
Mobile Risks:
- Lost/stolen devices
- Unsecured apps
Protection:
- Enable encryption
- Use MDM (Mobile Device Management)
7.7 Physical Security
Controls:
- Locks
- Security cameras
- Badge systems
- Biometrics
Threats:
- Tailgating
- Theft
7.8 Data Security
Encryption
- Protects data from unauthorized access
Data Types:
- Data at rest
- Data in transit
- Data in use
Backup Methods:
| Type | Description |
|---|---|
| Full | All data |
| Incremental | Changes since last backup |
| Differential | Changes since last full backup |
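The backup table above is easier to remember when you see which files each type actually copies and which runs you need at restore time. The following is an added example written for these notes, not code from CompTIA or from any backup product; the file names, day numbers and edit schedule are constructed sample data.

```python
"""Added example: which files a full, incremental or differential backup
copies, and which runs are needed to restore. Not from any real product;
file names and day numbers below are constructed sample data."""
from dataclasses import dataclass

# Constructed data set: file -> day it was last modified (all day 0 at start)
SAMPLE_FILES = {"docs/report.txt": 0, "docs/budget.xlsx": 0, "photos/a.jpg": 0}


@dataclass
class BackupRun:
    kind: str      # "full", "incremental" or "differential"
    day: int       # day the backup was taken
    files: set     # files copied by this run


def select_files(kind, mtimes, history):
    """Return the files a backup of `kind` copies, given last-modified days
    and the list of earlier runs."""
    if kind == "full":
        return set(mtimes)                      # full: all data, every time
    fulls = [b for b in history if b.kind == "full"]
    if not fulls:
        raise ValueError("%s backup needs an earlier full backup" % kind)
    if kind == "incremental":
        since = history[-1].day                 # changes since the LAST backup of any type
    elif kind == "differential":
        since = fulls[-1].day                   # changes since the last FULL backup
    else:
        raise ValueError("unknown backup type: " + kind)
    return {f for f, modified in mtimes.items() if modified > since}


def simulate(kinds, edits):
    """Run one backup per day (type taken from `kinds`, index = day),
    after applying that day's edits. Returns the list of BackupRun in order.

    kinds : list of backup types, e.g. ["full", "incremental", "incremental"]
    edits : {day: [files modified on that day]}
    """
    mtimes = dict(SAMPLE_FILES)
    history = []
    for day, kind in enumerate(kinds):
        for f in edits.get(day, []):
            mtimes[f] = day
        history.append(BackupRun(kind, day, select_files(kind, mtimes, history)))
    return history


def restore_chain(history):
    """Runs needed, in order, to rebuild the newest state.

    Last full backup, then the latest differential after it (a differential
    already holds everything since the full), then every incremental taken
    after that differential (or after the full if no differential exists).
    """
    last_full = max(i for i, b in enumerate(history) if b.kind == "full")
    chain = [history[last_full]]
    start = last_full + 1
    diffs = [i for i in range(start, len(history)) if history[i].kind == "differential"]
    if diffs:
        chain.append(history[diffs[-1]])
        start = diffs[-1] + 1
    chain.extend(b for b in history[start:] if b.kind == "incremental")
    return chain


if __name__ == "__main__":
    edits = {1: ["docs/report.txt"], 2: ["photos/a.jpg"]}
    for plan in (["full", "incremental", "incremental"],
                 ["full", "differential", "differential"]):
        runs = simulate(plan, edits)
        for r in runs:
            print(r.day, r.kind, sorted(r.files))
        print("restore needs:", [r.kind for r in restore_chain(runs)])
```

Running it shows the trade-off behind the table: the incremental plan copies less each day but restoring needs the full plus every incremental, while the differential plan copies more each day and restores from just the full plus the latest differential.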
7.9 Security Tools
Common Tools
| Tool | Function |
|---|---|
| Antivirus | Detect/remove malware |
| Firewall | Filter traffic |
| Anti-malware | Advanced protection |
OS Security Tools:
- Windows Defender
- BitLocker (encryption)
7.10 Password Security
Strong Password Rules:
- 12+ characters
- Mix of:
- Uppercase
- Lowercase
- Numbers
- Symbols
Weak Practices:
- Reusing passwords
- Sharing credentials
Best Practices:
- Use password manager
- Enable MFA
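The rules above (12+ characters, all four character classes, no reuse) can be checked mechanically. The block below is an added example for these notes, not code from CompTIA or any password-policy library; it assumes the password history is stored as salted PBKDF2 hashes rather than plaintext, and the sample passwords are constructed.

```python
"""Added example: check a candidate password against the strong-password
rules and against a history of earlier passwords. Not from any real policy
library; sample passwords are constructed. The history store (salted
PBKDF2-HMAC-SHA256 hashes) is an assumption made for this example."""
import hashlib
import hmac
import os
import string

MIN_LENGTH = 12
PBKDF2_ROUNDS = 100_000


def rule_failures(password):
    """Return the list of rules the password breaks (empty list = passes)."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("length < %d" % MIN_LENGTH)
    classes = {
        "uppercase": any(c.isupper() for c in password),
        "lowercase": any(c.islower() for c in password),
        "number": any(c.isdigit() for c in password),
        "symbol": any(c in string.punctuation for c in password),
    }
    failures.extend("missing " + name for name, ok in classes.items() if not ok)
    return failures


def hash_password(password, salt=None):
    """Salted PBKDF2 hash; returns (salt, digest) so old passwords can be
    kept for reuse checks without storing them in plaintext."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def was_used_before(password, history):
    """history: list of (salt, digest) tuples produced by hash_password."""
    for salt, digest in history:
        _, candidate = hash_password(password, salt)
        if hmac.compare_digest(candidate, digest):   # constant-time comparison
            return True
    return False


def evaluate(password, history=()):
    """All problems with a candidate password: broken rules plus reuse."""
    problems = rule_failures(password)
    if was_used_before(password, history):
        problems.append("reused password")
    return problems


if __name__ == "__main__":
    # Constructed sample: one previously used password in the history
    history = [hash_password("Old-Passw0rd-2023")]
    for candidate in ("Short1!", "alllowercase1234",
                      "Old-Passw0rd-2023", "New-Passw0rd-2024"):
        print(candidate, "->", evaluate(candidate, history) or "OK")
```

The reuse check is why the history must hold hashes, not the old passwords themselves: a leaked history file would otherwise hand an attacker every credential the user has ever chosen.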
7.11 Security Best Practices
✔ Keep systems updated
✔ Install antivirus
✔ Use strong passwords
✔ Backup data regularly
✔ Educate users
7.12 Incident Response (EXAM IMPORTANT)
Steps:
- Identify incident
- Contain threat
- Eradicate threat
- Recover systems
- Document
7.13 Malware Removal Process
Steps:
1. Identify malware
2. Quarantine system
3. Remove malware
4. Update system
5. Educate user
7.14 Security Troubleshooting
Common Issues
Slow System
- Malware infection
Locked Account
- Too many login attempts
Unauthorized Access
- Weak password
Infected System
- Pop-ups, unknown apps
7.15 Exam Tips (CRITICAL)
✔ Memorize malware types
✔ Know social engineering attacks
✔ Understand MFA & authentication
✔ Know encryption basics
✔ Practice incident response steps
Quick Knowledge Check
1. What does ransomware do?
A. Speeds up PC
B. Locks data
C. Deletes OS
D. Tracks location
2. Phishing is what type of attack?
A. Hardware
B. Social engineering
C. Physical
D. Network
3. Strongest wireless security?
A. WEP
B. WPA
C. WPA2
D. WPA3
4. What is MFA?
A. Multiple files
B. Multi-factor authentication
C. Memory function
D. Firewall type
5. What does a firewall do?
A. Store data
B. Filter traffic
C. Encrypt files
D. Run apps
Answers: 1-B, 2-B, 3-D, 4-B, 5-B