Unit 9 Lab Security Basics
Task 1: Features of Hardware and Software Firewalls * Hardware Firewall – Cisco ASA 5505 Firewall 1) Usually purchased as a stand-alone product typically found in routers or other networking equipment. 2) Usually a minimum of 4 network ports (the Cisco unit has 8) 3) Usually used in businesses or large networking systems 4) Intended for network security * Software Firewall – 2014 Trend Micro Instant Security and Antivirus 1) Usually purchased by individual users 2) Usually an installable form of software 3) Protects from outside attempts to control or gain access to your computer 4) Protects against Trojan programs or email worms 5) Only protects individual computer, not a network
Task 2:
Part 1: Which anti-virus program is free and which provide trial versions * Panda – No free trial or free version; yearly prices : $31.99, $49.99, $35.00 * Norton – No free product ,free trial version for 30 days; yearly prices : $49.99, $79.99, $49.99 * McAfee – No free or trial versions; yearly prices : $79.99, $49.99, $44.99 * AVG – No freeware, trial for 30 days; yearly prices : $39.99, $54.99 * Kaspersky – Offers a free anti-virus software and 30 trial; yearly prices : $69.95, $64.95, $59.95, $59.95
Part 2: Define malicious code terms
Term – Trojan horse Program
Definition – generally non-self-replicating type of malware program containing malicious code that, when executed, carries out actions determined by the nature of the Trojan, typically causing loss or theft of data and possible system harm.
How it works – A Trojan often acts as a backdoor, contacting a controller which can then have unauthorized access to the affected computer. A computer may hosts a Trojan via a malicious program a user is duped into executing or by drive-by download.

Term – Malicious Email attachments
Definition – Email attachments are a way for a sender to transmit files to another user via email. In a similar way to junk mail coming in your mailbox, email users regularly receive unsolicited emails from unknown senders. These emails can often contain links to malicious web sites or have attachments containing malicious software.
How it works – If you open a malicious attachment it could do a number of undesirable things such as installing a key logger to record your keystrokes, installing a virus, or even providing an intruder with remote access to your computer.
Term – Drive-by download
Definition – means 2 things, each concerning the unintended download of computer software from the internet: 1. Downloads which a person authorized but without understanding the consequences 2. Any download that happens without a person’s knowledge, often a computer virus, spyware, malware, or crimeware.
How it works – Drive-by downloads may happen when visiting a website, viewing an email message or by clicking on a deceptive pop-up window. By clicking on the window in the mistaken belief that, for instance, an error report from the computer operating system itself is being acknowledged, or that an innocuous advertisement pop-up is being dismissed. In such cases, the “supplier” may claim that the user “consented” to the download, although actually the user was unaware of having started an unwanted or malicious software download.

Part 3 * 3.1
Full Backup – A complete backup of everything you want to backup
Differential Backup – The backup software looks at which files have changed since you last did a full backup and then creates copies of all the files that are different from the ones in the full backup. If you do a differential backup more than once, it will copy all the files that have changed since the last full backup, even if you already have identical copies of those files in a previous differential backup. For restoring all the data, you will need the last full backup and the last differential back up.
Incremental Backup – The backup software creates copies of all the files, or parts of the files that have changed since previous backups of any type (Full, Differential, or Incremental). For example, you do a full backup on Sunday. An incremental backup made on Monday would only contain files changed since Sunday and so forth. * 3.2
Backups should be stored off-site and periodically tested to ensure that the data is in a place in case the original is lost in fire, flood, stolen etc. It should be tested regularly to ensure it is in working condition. Your backup is only good if it is actually working. * 3.3
Cold Site – A cold site is the least expensive type of backup site for an organization to operate. It does not include backed up copies of data and information from the original location of the organization, nor does it include hardware already set up. The lack of hardware contributes to the minimal start-up costs of the cold site, but requires additional time following the disaster to have the operation running at a capacity close to that prior to the disaster.
Hot Site – A duplicate of the original site of the organization, with full computer systems as well as near-complete backups of user data. Real time synchronization between the two sites may be used to completely mirror the data environment of the original site using wide area network links and specialized software. Following a disruption to the original site, the hot site exists so that the organization can relocate with minimal losses to normal operations. Ideally, a hot site will be up and running within a matter of hours if not less. This is the most expensive type of off-site backup. These sites are popular with financial institutions, government agencies, and Ecommerce providers.
Warm Site - A warm site is a compromise between hot and cold sites. These sites will have hardware and connectivity already established, though on a smaller scale than the original production site or even a hot site. Warm sites will have backups on hand, but they may not be complete and may be between several days to a week to get back to normal operations. An example would be backup tapes sent to the warm site by courier.
Task 4 – 1. Mi$$i$$ippi - Fr00gie! - $k8teR! - $urf1ng! 2. Tomorrow is not promised today, what would Jesus do
TinptWwJd
Does a bear sh** in the woods?
Dabsitw?
Does a one legged duck swim in circles?
Da1ld$ic?
Aren’t you a chip off the old block
AuAcotob
Momma told me, my only son, come site beside me
MtMm0sc$bm
3.

Works Cited
AVG. (n.d.). Retrieved May 29th, 2014, from http://www.avg.com/us-en/av_buy_2014_ppc
Backup Info. (n.d.). Retrieved May 29th, 2014, from http://www.backup.info/difference-between-full-differential-and-incremental-backup
Google. (n.d.). Retrieved May 29th, 2014, from https://www.google.com/#q=hardware+firewalls&tbm=shop&spd=16774847306006198780
Google. (n.d.). Retrieved May 29th, 2014, from https://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&es_th=1&ie=UTF-8#q=software+firewall&tbm=shop&spd=9132287006925228420
Kaspersky. (n.d.). Retrieved May 29th, 2014, from http://usa.kaspersky.com/store/kaspersky-store#creativeID1199creativeID1232
Make it Secure. (n.d.). Retrieved May 29th, 2014, from http://www.makeitsecure.org/en/malicious-email-attachments.html
McAfee. (n.d.). Retrieved May 29th, 2014, from http://promos.mcafee.com/offer.aspx?id=664617&lqmcat=SEM:Google:US:44953998122:mcafee:Brand:g&gclid=COGMzdqv0r4CFavm7Aod4WUAWA
Norton. (n.d.). Retrieved May 29th, 2014, from http://buy-static.norton.com/norton/ps/3up_us_en_navnis360_nort.html?om_sem_cid=hho_sem_sy:us:ggl:en:e|kw0000004480|32004403276|c&country=US
Panda Security. (n.d.). Retrieved May 29th, 2014, from http://www.pandasecurity.com/security-promotion/antivirusoffer/usa/?track=109089&gclid=CP-Ut5yu0r4CFTBk7Aod5A8AzA
Password Meter. (n.d.). Retrieved May 29th, 2014, from http://www.passwordmeter.com/
Webopedia. (n.d.). Retrieved May 29th, 2014, from http://www.webopedia.com/DidYouKnow/Hardware_Software/firewall_types.asp
Wikipedia. (n.d.). Retrieved May 29th, 2014, from http://en.wikipedia.org/wiki/Drive-by_download
Wikipedia. (n.d.). Retrieved May 29th, 2014, from http://en.wikipedia.org/wiki/Trojan_horse_(computing)
Wikipedia. (n.d.). Retrieved May 29th, 2014, from http://en.wikipedia.org/wiki/Backup_site