CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney [273]
As for software, be careful about installing anything new, especially anything that comes from the Internet. Go out of your way to verify the source's identity and reliability before downloading. Then check the file for authenticity and integrity before you launch it. This means checking the filename, time/date stamps, exact file size, hash value, and certificate/digital signature. Weight these checks appropriately: a filename, timestamp, or size is trivial for an attacker to match, so the hash and the digital signature are what actually establish integrity and origin. A published hash is only worth something if you obtain it through a channel the attacker does not control (the vendor's page over TLS, a signed release note), not from the same mirror the file itself came from.
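The size and hash checks described above, as an added example that is not from the study guide. It assumes the expected SHA-256 and size were obtained out of band; the "installer" bytes are constructed here so the script runs offline. Signature verification is left to the vendor's own scheme (Authenticode, GPG, and so on) and is not shown. The tampered copy keeps the original size, which is exactly the case a size check alone would miss.

```python
"""Verify a downloaded file before launching it: exact size plus SHA-256.

Added example, not code from the book. The expected values stand in for
numbers you fetched from a trusted channel, never from the download site.
"""
import hashlib
import hmac
import os
import tempfile


def sha256_file(path, chunk_size=1 << 20):
    """Stream the file through SHA-256 so large installers need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_download(path, expected_sha256, expected_size):
    """Return (ok, failures). Both checks always run so every mismatch is reported."""
    failures = []
    actual_size = os.path.getsize(path)
    if actual_size != expected_size:
        failures.append(f"size: got {actual_size}, expected {expected_size}")
    actual_hash = sha256_file(path)
    # compare_digest is constant-time; normalising the published value avoids
    # false rejections from copy-and-paste whitespace or upper-case hex.
    if not hmac.compare_digest(actual_hash, expected_sha256.strip().lower()):
        failures.append(f"sha256: got {actual_hash}, expected {expected_sha256}")
    return (not failures, failures)


def demo():
    """Constructed scenario: a 'good' installer and a same-size tampered copy."""
    good = b"MZ" + b"installer payload " * 64        # constructed bytes, not a real binary
    tampered = bytearray(good)
    tampered[100] ^= 0x01                             # flip one bit; size is unchanged
    expected_hash = hashlib.sha256(good).hexdigest()  # stands in for the vendor-published value
    with tempfile.TemporaryDirectory() as tmp:
        good_path = os.path.join(tmp, "setup.exe")
        bad_path = os.path.join(tmp, "setup-tampered.exe")
        with open(good_path, "wb") as fh:
            fh.write(good)
        with open(bad_path, "wb") as fh:
            fh.write(bytes(tampered))
        return {
            "good": verify_download(good_path, expected_hash, len(good)),
            "tampered": verify_download(bad_path, expected_hash, len(good)),
        }


if __name__ == "__main__":
    for name, (ok, failures) in demo().items():
        print(name, "OK" if ok else "REJECT", failures)
```

Running it shows the untouched file passing both checks and the tampered file passing the size check but failing the hash, which is the whole argument for not stopping at filename, timestamp, and size.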
Only install software you actually need and will use regularly. If you often find yourself “test-driving” new software and then removing it, consider creating a test-drive system, which can be a completely separate physical computer or just a virtual machine in a VMware or Virtual Server environment. A test-drive system provides two security improvements. First, it greatly reduces the risk of installing malicious code on your primary system. Second, it keeps your primary system from filling up with unneeded software. Even when you uninstall software, it often leaves traces of itself behind in the form of Registry entries, data folders, configuration files, and shortcuts. These orphaned items clutter the system, can eventually cause performance and storage problems, and may increase your attack surface. Each time you test-drive new software, delete the virtual machine (or revert it to a clean snapshot) and start from a fresh one for the next program down the road.
Review all of the software utilities and add-ons that ship with the OS. If you don’t need them, remove them or prevent them from loading. Disable all unneeded protocols and network services; every listening service is an entry point you will have to patch and monitor for as long as it stays enabled.
When you’ve completed the hardware/software weight-loss program, take a complete inventory of the resultant system and create an image-level backup. This image-level backup serves as your road map should you ever need to reconstitute the computer after a major catastrophe. Keep the inventory and the image somewhere other than the system they describe, and test that the image actually restores; a backup that has never been restored is an assumption, not a safeguard. Securing a new system is always a long and involved process, but with detailed documentation and a good backup solution, rebuilding, duplicating, or improving a secured system is much simpler the next time.
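One concrete form the inventory can take, as an added example that is not from the study guide: a manifest of every file's relative path, size, and SHA-256, saved as JSON beside the image-level backup, and a comparison that reports what was added, removed, or changed when the system is inventoried again later. The directory layout and file contents are constructed here so it runs offline; on a real system you would point `build_inventory` at the roots you care about.

```python
"""Inventory a hardened system and detect drift from that baseline later.

Added example, not code from the book. Records path, size and SHA-256 for
every regular file under a root, serialises it as JSON, and diffs a later
snapshot against it.
"""
import hashlib
import json
import os
import tempfile


def sha256_file(path, chunk_size=1 << 20):
    """Stream the file through SHA-256 so large files need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_inventory(root):
    """Map each regular file (path relative to root, '/'-separated) to size and digest.

    Symlinks are skipped: hashing the target would record the wrong object.
    """
    inventory = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            inventory[rel] = {"size": os.path.getsize(full), "sha256": sha256_file(full)}
    return inventory


def diff_inventory(baseline, current):
    """Return sorted lists of paths added, removed and modified since the baseline."""
    base_paths, cur_paths = set(baseline), set(current)
    modified = [p for p in base_paths & cur_paths
                if baseline[p]["sha256"] != current[p]["sha256"]]
    return {
        "added": sorted(cur_paths - base_paths),
        "removed": sorted(base_paths - cur_paths),
        "modified": sorted(modified),
    }


def demo():
    """Constructed scenario: a tiny 'system', a baseline, then three kinds of change."""
    with tempfile.TemporaryDirectory() as root:
        def write(rel, data):
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as fh:
                fh.write(data)

        write("bin/service", b"hardened build v1")        # constructed contents
        write("etc/service.conf", b"listen=127.0.0.1\n")
        write("share/readme.txt", b"docs")
        # This JSON is what you would store alongside the image-level backup
        baseline_json = json.dumps(build_inventory(root), sort_keys=True, indent=1)

        # Later: a config opened up, an unexpected binary dropped, a file deleted
        write("etc/service.conf", b"listen=0.0.0.0\n")
        write("tmp/dropper.bin", b"unexpected")
        os.remove(os.path.join(root, "share/readme.txt"))

        return diff_inventory(json.loads(baseline_json), build_inventory(root))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=1))
```

The unchanged binary does not appear in the report, the edited configuration shows up as modified, and the new file and the deleted file are listed separately, which is the information you want when deciding whether to reconstitute from the image or just fix what drifted.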
Once you know what you are left with, research the strengths and weaknesses of every remaining component: the OS, active services, protocols in use, and installed software. Once you know the vulnerabilities, the attack methods and tools, and the resulting risks, you can reduce those risks by implementing safeguards and countermeasures.
Securing the Wireless Environment
Wireless networking is a hot feature of many networks. Unfortunately, too many organizations rushed in and deployed wireless networks without understanding the security implications. Wireless networking as defined in IEEE 802.11 does not actually provide realistic security, in spite of its claim. 802.11 defines a form of authentication and data encryption named Wired Equivalent Privacy (WEP). WEP never did, and wireless in general never will, provide the same level of privacy (that is, security) as a wire. (WEP's encryption has since been broken outright and has been superseded by WPA2; it should not be deployed at all.) A wire can be run inside an insulating and difficult-to-penetrate conduit, making eavesdropping, hijacking, and even interruption nearly impossible. Wireless networking is radio wave networking, and it will always be possible to capture, hijack, and interrupt radio waves. Newer encryption protocols deployed over wireless make it harder to extract the transmitted data or to use a wireless connection without authorization, but they do nothing to make packet capture or jamming any more difficult: an attacker can still record every frame and can still drown out the channel.
The wireless network is not and never will be secure. Use wireless only when absolutely necessary or when attempting to attract customers. Even the customers you do want to attract should not need access to your private company LAN, so keep any guest wireless separate from it. If you must deploy a wireless network, here