site_logo

Previous Next


  1. A+ Core 2 Practice Tests
  2. A+ Lab Simulator
  3. A+ LabSim w/ ExamSim
  4. A+ Core2 Cram Notes

A+ Core 2 Certification Cram Notes : Security

2.2 Explain the following wireless security protocols and authentication methods

Authentication methods

Authentication refers to the process of verifying the identity of a user, device, or system before granting access to a resource or service.

Remote Authentication Dial-In User Service (RADIUS): RADIUS is a protocol that allows network access servers (NAS) to communicate with a central authentication server to verify user credentials. It is commonly used in enterprise networks to authenticate remote users who are accessing network resources via a VPN connection.

Terminal Access Controller Access-Control System (TACACS+): TACACS+ is a protocol that provides centralized authentication, authorization, and accounting (AAA) services for network devices such as routers, switches, and firewalls. It allows granular control over access to network resources and enables organizations to track and audit user activity.

Kerberos: Kerberos is a network authentication protocol that provides strong authentication for client/server applications. It uses a trusted third-party authentication server to verify the identity of users and grant them access to network resources.

Multifactor Authentication: Multifactor authentication (MFA) is a security mechanism that requires users to provide multiple forms of authentication to verify their identity. This typically involves a combination of something the user knows (such as a password), something the user has (such as a smart card or mobile device), and something the user is (such as a biometric factor like a fingerprint or facial recognition). MFA provides an additional layer of security beyond just a username and password.

2.3 Explain the following with respect to preventing/removing malware using the appropriate tools and methods

Malware

Malware is a type of software that is designed to harm or exploit computers or computer networks. Different types of malware include:

Trojan: A program that looks legitimate but actually performs malicious activities, such as stealing sensitive information or allowing unauthorized access to a system.

Rootkit: A type of software that is designed to hide the presence of other malware or unauthorized activity on a system. Rootkits can be difficult to detect and remove.

Virus: A program that can replicate itself and spread to other computers or systems. Viruses can cause a wide range of problems, from annoying pop-ups to damaging files or even rendering a system inoperable.

Spyware: A program that is designed to collect information about a user's activity without their knowledge or consent. Spyware can be used for a variety of purposes, including identity theft or targeted advertising.

Ransomware: A type of malware that encrypts files on a system and demands payment in exchange for the decryption key. Ransomware attacks can be devastating for individuals and businesses.

Keylogger: A program that captures and records keystrokes made on a computer or other device. Keyloggers can be used to steal passwords, credit card numbers, and other sensitive information.

Boot sector virus: A type of virus that infects the boot sector of a computer's hard drive, making it difficult to remove.

Cryptominers: Malware that hijacks a computer's processing power to mine cryptocurrencies without the user's knowledge or consent.

To prevent and remove malware, a variety of tools and methods can be used:

Antivirus software: Programs that can detect and remove malware from a system.

Malware scanners: Programs that can scan a system for malware and identify any threats.

Firewall: Software or hardware that can monitor network traffic and block unauthorized access or malicious activity.

Patch management: Keeping software and operating systems up to date with the latest security patches can help prevent vulnerabilities that malware can exploit.

User education: Educating users about the risks of malware and how to avoid it, such as avoiding suspicious links or attachments in emails, can help prevent infections.

Microsoft provides multiple malware prevention tools for its OS, including:

1. Windows Defender: This is a built-in antivirus program that comes with all versions of Windows 10. It provides real-time protection against malware, spyware, and other threats.

2. Microsoft Security Essentials: This is a free antivirus program that can be downloaded for earlier versions of Windows, such as Windows 7 and Windows 8.

3. Malicious Software Removal Tool (MSRT): This tool is designed to detect and remove specific types of malware, such as Blaster, Sasser, and Mydoom. It is typically updated every month and can be downloaded from Microsoft's website.

4. Windows Firewall: This is a built-in firewall that provides protection against unauthorized access to your computer over the network.

5. Microsoft Safety Scanner: This is a free on-demand scanner that can be used to remove malware from a Windows computer. It does not provide real-time protection but can be used to scan for and remove existing malware.

Tools and methods

Recovery mode: This is a feature built into the operating system that allows users to recover their system in the event of a critical failure. It can be used to restore the system to a previous state or to perform a clean installation of the operating system.

Antivirus: Antivirus software is designed to detect and remove malicious software from a computer system. It works by scanning files and processes for known patterns of malicious code.

Anti-malware: Anti-malware software is similar to antivirus software but is designed to detect and remove a wider range of malicious software, including spyware, adware, and other types of unwanted software.

Software firewalls: A software firewall is a program that monitors network traffic and can block incoming and outgoing traffic based on predefined rules. This can help prevent malware from communicating with command-and-control servers.

Anti-phishing training: Anti-phishing training is a form of user education that teaches users how to recognize and avoid phishing scams. This can include things like identifying suspicious email messages or recognizing fake websites.

User education regarding common threats: This involves educating users about common threats such as malware, phishing, and social engineering. This can help users recognize potential threats and avoid falling victim to them.

OS reinstallation: In some cases, the only way to completely remove malware from a system is to perform a clean installation of the operating system. This involves formatting the hard drive and reinstalling the operating system and all applications from scratch.


Previous Next



simulationexams.com ad

certexams.com ad