Question

In: Computer Science

Case Study 1: Securing your home computer You just purchased a brand new computer for your...

Case Study 1: Securing your home computer
You just purchased a brand new computer for your home environment. It comes with the latest operating system, Internet connectivity and all accessories to complete your home office and school activities. You also have an Internet Service Provider where you can easily use the existing network to connect to the Internet and to perform some online banking.
Describe the steps you plan to go through to ensure this new computer system remains as secure as possible. Be sure to discuss the details of firewall settings you plan to implement, browser privacy and security settings, and recommended software (e.g., Anti-virus and others) you will install. Also, describe your password strength policy you plan to adopt, and what you envision to do to ensure your online banking site is encrypted and uses the proper certificates.
Discussion of operating system patches and application updates should also be included. As you discuss these steps, be sure to justify your decisions bringing in possible issues if these steps are not followed. You can discuss this for a specific type of computer (e.g. MAC or PC) to make the scenario more appropriate for your environment.

Solutions

Expert Solution

Answer:-

iam discussing for pc security.the steps shoudl be flollwed as below.

Describe the steps you plan to go through to ensure this new computer system remains as secure as possible.

The following are important steps you should consider to make your computer more secure. While no individual step will eliminate all risk, when used together, these defense-in-depth practices will strengthen your computer’s security and help minimize threats.

  • Secure your router. When you connect a computer to the internet, it’s also connected to millions of other computers—a connection that could allow attackers access to your computer. Although cable modems, digital subscriber lines (DSLs), and internet service providers (ISPs) have some level of security monitoring, it’s crucial to secure your router—the first securable device that receives information from the internet. Be sure to secure it before you connect to the internet to strengthen your computer’s security. (See Securing Your Home Network for more information.)
  • Enable and configure your firewall. A firewall is a device that controls the flow of information between your computer and the internet. Most modern operating systems (OSs) include a software firewall. The majority of home routers also have a built-in firewall. Refer to your router’s user guide for instructions on how to enable your firewall and configure the security settings. Set a strong password to protect your firewall against unwanted changes. (See Understanding Firewalls.)
  • Install and use antivirus software. Installing an antivirus software program and keeping it up-to-date is a critical step in protecting your computer. Many types of antivirus software can detect the presence of malware by searching for patterns in your computer’s files or memory. Antivirus software uses signatures provided by software vendors to identify malware. Vendors frequently create new signatures to ensure their software is effective against newly discovered malware. Many antivirus programs offer automatic updating. If your program has automatic updates, enable them so your software always has the most current signatures. If automatic updates aren’t offered, be sure to install the software from a reputable source, such as the vendor’s website. (See Understanding Anti-Virus Software.)
  • Remove unnecessary software. Intruders can attack your computer by exploiting software vulnerabilities, so the fewer software programs you have installed, the fewer avenues there are for potential attack. Review the software installed on your computer. If you don’t know what a software program does, research the program to determine whether or not the program is necessary. Remove any software you feel isn’t necessary after confirming it’s safe to remove. Back up important files and data before removing unnecessary software to prevent accidentally removing programs that turn out to be essential to your OS. If possible, locate the installation media (e.g., CD) for the software in case you need to reinstall it.
  • Modify unnecessary default features. Like removing unnecessary software, modifying or deleting unnecessary default features reduces attackers’ opportunities. Review the features that are enabled by default on your computer, and disable or customize those you don’t need or don’t plan on using. As with removing unnecessary software, be sure to research features before modifying or disabling them.
  • Operate under the principle of least privilege. In most instances of malware infection, the malware can operate only using the privileges of the logged-in user. To minimize the impact of a malware infection, consider using a standard or restricted user account (i.e., a non-administrator account) for day-to-day activities. Only log in with an administrator account—which has full operating privileges on the system—when you need to install or remove software or change your computer’s system settings.
  • Secure your web browser. When you first install a web browser on a new computer, it will not usually have secure settings by default, you will need to adjust your browser’s security settings manually. Securing your browser is another critical step in improving your computer’s security by reducing attacks that take advantage of unsecured web browsers. (See Securing Your Web Browser.)
  • Apply software updates and enable automatic updates. Most software vendors release updates to patch or fix vulnerabilities, flaws, and weaknesses (bugs) in their software. Intruders can exploit these vulnerabilities to attack your computer. Keeping your software updated helps prevent these types of infections. (See Understanding Patches and Software Updates.) When setting up a new computer, go to your software vendors’ websites to check for and install all available updates. Many OSs and software programs have options for automatic updates. Enable automatic updates if they are offered; doing so will ensure your software is always updated, and you won’t have to remember to do it yourself. Only download software updates directly from a vendor’s website, from a reputable source, or through automatic updates.
  • Create strong passwords. Use the strongest, longest password or passphrase permitted. Don’t use passwords that attackers can easily guess, like your birthday or your child’s name. Attackers can use software to conduct dictionary attacks, which try common words that may be used as passwords. They also conduct brute force attacks, which are random password attempts that run until one is successful. When setting security verification questions, choose questions and answers for which an internet search would not easily yield the correct answer (e.g., your pet’s name). (See Choosing and Protecting Passwords.)

what you envision to do to ensure your online banking site is encrypted and uses the proper certificates.

Each type and variant of banking Trojans may operate differently to infiltrate the victim’s online banking account. Some may lead the victim to a fake login website, thereby stealing their login credentials and logging in to the real website simultaneously; while others may initiate a fund transfer without the victim’s knowledge. No matter what form the banking Trojans take, their common objective is to steal money from the victim’s bank account.

Protect your bank account details

To avoid becoming a victim of these cyber threats, keep your confidential information well protected. The password that you use to log in to your bank account should be unique from the passwords for your other online accounts. Do not share your passwords with others. Refrain from divulging personal information such as your date of birth on the Internet as it may be used by the bank to verifying your identity.

Beware of social engineering tactics

Banks will never use channels such as email to request for your banking details. If you receive such emails that appear to be from your bank, you should report it to your bank immediately instead of replying or clicking on links in the e-mail.

Familiarise yourself with the bank’s security measures

To prevent yourself from accessing a fraudulent banking website, familiarise yourself with the bank's security measures. Banks will usually send advisories to their clients if they intend to change their security measure, such change would not be done overnight. If you find that the website’s authentication process is different from your previous experience, refrain from entering your login details. Check the website’s authenticity before proceeding further. Here are some steps that you may take:

  • Confirm that the URL of the website in the address bar is the same as your bank’s
  • Confirm the SSL certificate of the website is issued to your bank by a trusted certifying authority and within the validity period
  • Compare the website’s authentication process when accessed from another device (in case your computer has been infected by a banking Trojan)

When in doubt, check with your bank.

Practise safe surfing habits

Refrain from accessing your banking website on a public or shared computer, you never know if the information you entered are being tracked. Even if you are accessing the banking website on your own computer, always log off and clear the cache on your browser to remove transaction records. Also refrain from surfing suspicious websites as malicious software may be installed without your knowledge.

Check your bank account transactions regularly

Hackers (of the criminal variety) are a scary bunch—whether working as part of an organized unit or an idealist with a political agenda, they’ve got the knowledge and the power to access your most precious data. If hackers want to target a particular company, for example, they can find vast amounts of information on that company just by searching the web. They can then use that info to exploit weaknesses in the company’s security, which in turn puts the data you’ve entrusted to that company in jeopardy.

Think of your home computer as a company. What can you do to protect it against cybercriminals? Instead of sitting back and waiting to get infected, why not arm yourself and fight back?

Bad guys, beware. We’ve got 10 ways to beat you.

  1. Update your OS and other software frequently, if not automatically. This keeps hackers from accessing your computer through vulnerabilities in outdated programs (which can be exploited by malware). For extra protection, enable Microsoft product updates so that the Office Suite will be updated at the same time. Consider retiring particularly susceptible software such as Java or Flash, especially as many sites and services continue to move away from them.
  2. Download up-to-date security programs, including anti-malware software with multiple technologies for protecting against spyware, ransomware, and exploits, as well as a firewall, if your OS didn’t come pre-packaged with it. (You’ll want to check if your OS has both firewall and antivirus built in and enabled by default, and whether those programs are compatible with additional cybersecurity software.)
  3. Destroy all traces of your personal info on hardware you plan on selling. Consider using d-ban to erase your hard drive. For those looking to pillage your recycled devices, this makes information much more difficult to recover. If the information you’d like to protect is critical enough, removing the platters where the information is stored then destroying them is the way to go.
  4. Do not use open Wi-Fi on your router; it makes it too easy for threat actors to steal your connection and download illegal files. Protect your Wi-Fi with an encrypted password, and consider refreshing your equipment every few years. Some routers have vulnerabilities that are never patched. Newer routers allow you to provide guests with segregated wireless access. Plus, they make frequent password changes easier.
  5. Speaking of passwords: password protect all of your devices, including your desktop, laptop, phone, smartwatch, tablet, camera, lawnmower…you get the idea. The ubiquity of mobile devices makes them especially vulnerable. Lock your phone and make the timeout fairly short. Use fingerprint lock for the iPhone and passkey or swipe for Android. “It’s easy to forget that mobile devices are essentially small computers that just happen to fit in your pocket and can be used as a phone,” says Jean-Philippe Taggart, Senior Security Researcher at Malwarebytes. “Your mobile device contains a veritable treasure trove of personal information and, once unlocked, can lead to devastating consequences.”
  6. Sensing a pattern here? Create difficult passwords, and never use the same ones across multiple services. If that’s as painful as a stake to a vampire’s heart, use a password manager like LastPass or 1Password. For extra hacker protection, ask about two-step authentication. Several services have only recently started to offer 2FA, and they require the user to initiate the process. Trust us, the extra friction is worth it. Two-factor authentication makes taking over an account that much more difficult, and on the flip side, much easier to reclaim should the worst happen.
  7. Come up with creative answers for your security questions. People can now figure out your mother’s maiden name or where you graduated from high school with a simple Google search. Consider answering like a crazy person. If Bank of America asks, “What was the name of your first boyfriend/girlfriend?” reply, “Your mom.” Just don’t forget that’s how you answered when they ask you again.
  8. Practice smart emailing. Phishing campaigns still exist, but cybercriminals have become much cleverer than that Nigerian prince who needs your money. Hover over links to see their actual URLs (as opposed to just seeing words in hyperlink text). Also, check to see if the email is really from the person or company claiming to have sent it. If you’re not sure, pay attention to awkward sentence construction and formatting. If something still seems fishy, do a quick search on the Internet for the subject line. Others may have been scammed and posted about it online.
  9. Some websites will ask you to sign in with a specific service to access features or post a comment. Ensure the login option isn’t a sneaky phish, and if you’re giving permission to an app to perform a task, ensure you know how to revoke access once you no longer need it. Old, abandoned connections from service to service are an easy way to see your main account compromised by spam.
  10. Keep sensitive data off the cloud. “No matter which way you cut it, data stored on the cloud doesn’t belong to you,” says Taggart. “There are very few cloud storage solutions that offer encryption for ‘data at rest.’ Use the cloud accordingly. If it’s important, don’t.”

While most banks allow their clients to set financial limits for online transactions, cyber criminals may make multiple small value fund transfers to work around these limits. As a precautionary measure, check your bank account transactions regularly for any unauthorised transactions.

Online banking has brought about ease and convenience for us. However, you should always be cautious of the perils of the Internet.

Discussion of operating system patches and application updates should also be included.

1. Software updates do a lot of things

Software updates offer plenty of benefits. It’s all about revisions. These might include repairing security holes that have been discovered and fixing or removing computer bugs. Updates can add new features to your devices and remove outdated ones.

While you’re at it, it’s a good idea to make sure your operating system is running the latest version.

2. Updates help patch security flaws

Hackers love security flaws, also known as software vulnerabilities. A software vulnerability is a security hole or weakness found in a software program or operating system. Hackers can take advantage of the weakness by writing code to target the vulnerability. The code is packaged into malware — short for malicious software.

An exploit sometimes can infect your computer with no action on your part other than viewing a rogue website, opening a compromised message, or playing infected media.

What happens next? The malware can steal data saved on your device or allow the attacker to gain control over your computer and encrypt your files.

Software updates often include software patches. They cover the security holes to keep hackers out.

3. Software updates help protect your data

You probably keep a lot of documents and personal information on your devices. Your personally identifiable information — from emails to bank account information — is valuable to cybercriminals.

They can use it to commit crimes in your name or sell it on the dark web to enable others to commit crimes. If it’s a ransomware attack, they might encrypt your data. You might have to pay a ransom for an encryption key to get it back. Or, worse, you might pay a ransom and not get it back.

Updating your software and operating systems helps keep hackers out.


Related Solutions

You just purchased a new home and decided to build your hot tub behind it. After...
You just purchased a new home and decided to build your hot tub behind it. After several hours of careful work in the field, you figure out that they will need to excavate exactly 5.0m3 of soil. You go out and sub-sample representative spots in the soil as it is excavated and find that it weighed 120g right after you pulled it out of the hole, and then weighed 92g after you dried it out in the oven. Your contractor...
home / study / / questions and answers / you just took a new job as...
home / study / / questions and answers / you just took a new job as general manager with a manufacturing company. they brought you in ... Question: You just took a new job as general manager with a manufacturing company. They brought you in beca... You just took a new job as general manager with a manufacturing company. They brought you in because sales and profits are declining. As you look into the company sales and profits issues during...
You have just purchased a new home and have taken out a mortgage loan for $300,000...
You have just purchased a new home and have taken out a mortgage loan for $300,000 at an interest rate of 4.00% and a maturity of 30 years. You will make 360 equal monthly payments. What is the amount of your monthly payment? Please fill in the amortization schedule below for the first two months (month1 and 2) of the 360 months that you will be paying on the mortgage. Hint: PVA = Payment [1-(1+r)^-N / r] Please fill in...
1) You have just purchased a home and taken out a $ 530,000 mortgage. The mortgage...
1) You have just purchased a home and taken out a $ 530,000 mortgage. The mortgage has a 30​-year term with monthly payments and an APR of 5.20%. a. How much will you pay in​ interest, and how much will you pay in​ principal, during the first​ year? b. How much will you pay in​ interest, and how much will you pay in​ principal, during the 20th year​ (i.e., between 19 and 20 years from​ now)? 2) You need a...
Case study: Microsoft – increasing or diminishing returns? In some industries, securing the adoption of an...
Case study: Microsoft – increasing or diminishing returns? In some industries, securing the adoption of an industry standard that is favourable to one’s own product is an enormous advantage. It can involve marketing efforts that grow more productive the larger the product’s market share. Microsoft’s Windows is an excellent example. The more customers adopt Windows, the more applications are introduced by independent software developers, and the more applications that are introduced the greater the chance for further adoptions. With other...
Your pickup truck is high mileage and needing replacement. You have purchased a brand new F250...
Your pickup truck is high mileage and needing replacement. You have purchased a brand new F250 XLT 4 door pickup truck. You were able to negotiate a total cost of $38,000 for this vehicle. For convenience, you decided to trade your vehicle in, and the dealership is offering $5,000 for your car as a trade in. You have decided to finance this vehicle for 7 years through Texas Tech Federal Credit Union for 4.9%. After making payments on your vehicle...
Surgical Technology program Case study: Your facility has just purchased a very expensive surgical robotic training...
Surgical Technology program Case study: Your facility has just purchased a very expensive surgical robotic training system and the OR staff is being trained in its use for gynecological and urological procedures.           Questions Q1. How will working with the robot affect your role as a CST? Q2. what will be the variations in surgical instrumentation between gynecological urological procedures? Q3. How do you think the facility justified the cost involved with the purchase and maintenance of the robotic, and...
Pretend you are the coordinator in a brand new home for late adults. How would you...
Pretend you are the coordinator in a brand new home for late adults. How would you set the home up so that the residents are getting their physical, cognitive, and psychosocial needs met? What would the structure of the home be like? What kinds of activities would you implement, if any? What kinds of social interactions would you promote? What would you want to make sure to emphasize? What might some of your concerns be?
CASE STUDY #1 You are working Monday to Friday in Mrs. Farley’s home from 0700 to...
CASE STUDY #1 You are working Monday to Friday in Mrs. Farley’s home from 0700 to 1100 and then you go to Mr. Brown’s home from 1230 to 1530. Over the last couple of weeks, the PSW (Sharon) who is assigned to Mrs. Farley’s home from 1100 to 1500 has been arriving consistently late by half an hour. It takes you approximately 45 minutes (on a good day) to travel by bus to Mr. Brown’s house. This has caused you...
Why is there a huge price difference on brand new textbooks being purchased at your local...
Why is there a huge price difference on brand new textbooks being purchased at your local College Bookstore compared to buying brand new on Amazon? Include barriers to entry, elasticity of demand,and economies of scale in your answer.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT