Fundamentals of it security courses textbook pdf download

In any case all the current unsaved work will be lost; in the last two cases the operating system can sometimes be damaged but very often it will repair by itself the next time the computer is turned on. Therefore it is always a very good idea to save very often the current work, especially when it is important, urgent, or difficult to redo.

Keyboards and languages Before starting this section it is necessary to take a close look at your keyboard. Another operation which can be useful in a multilanguage environment is changing the keyboard. While this can be done from the Language menu of the Control Panel, it is much easier to adjust it directly from the right side of the application bar, simply clicking on keyboard icon and selecting the appropriate one.

File system Before starting this section it is necessary to do the following operations: 1. In this way extensions see section 2. Page 8 of 33 Edition 8. Paolo Coletti 2. Files and directories Software is stored on storage devices in a special container called file. The operating system uses a lot of files for itself and for its data, a program usually uses one file for itself and other files for its data, and the user uses some files for his data.

A file is represented by a small picture called icon. Another special object is the directory or folder, which is basically a container for files and other directories and is represented with an icon depicting a yellow closed or open folder. Double clicking on a directory opens a new window which presents the directory content. Each storage device is a big directory, accessible from My Computer window, which contains directories and files. Each file and directory can be univocally identified by its absolute path or address.

While, the HPeDiag. Note that, for Windows operating system, capital or small caps letters in paths are perfectly equal. A special and tricky object is the link or shortcut. Although its icon looks like a file icon, the small curved arrow on the left corner clearly indicates that this object is a link. A link is simply an address to a file or directory, it is not a real file or directory. When the user clicks on the link, the computer behaves exactly as if the user is clicking on the real file or directory if Windows can find the real one, which is not the case if in the meantime somebody deleted or moved it.

Therefore it is a good idea for novice users to avoid using links at all. If no program is associated with that file type, Windows asks the user which program should open the file.

Copying a file means reproducing it to another location or to the same location with a different name. Copying a directory means reproducing it to another location, or to the same location with a different name, together with its entire tree of subdirectories and files. If a plus symbol does not appear, press CTRL key to have it appear while dragging. Point the mouse to the destination and click the right mouse button. Moving a file means moving it to another location losing the file in the original place.

Moving a directory means moving it to another location together with its entire tree of subdirectories and files. A link is created in the same directory. Deleting a file means often putting it into the trash can where it can be recuperated unless the trash can is emptied. Deleting a directory means putting it to the trash can together with its entire tree of subdirectories and files.

Pay special attention, since not always the trash can works as user expects and sometimes files are deleted without passing through the trash can. To rename a file or directory, simply select the object, click on the name and retype it.

Usually Windows accepts most names, but novice users should stick with only letters, numbers and spaces, since other characters may be forbidden. After the creation, rename it. Sometimes files occupy a lot of space and need to be reduced to save disk space or to be sent by email; other times files must be put in a package to remain together or to be sent as a single file via email.

To compress a set of files and directories: 1. When double clicking on a compressed file, if the compression program is properly installed, it will open in a window as if it were a directory. Files can be copied from this window to a real directory simply dragging them to the directory.

File types Windows identifies a file type by its extension, which is everything after the last dot in the filename. Usually it is a 3 or 4 character acronym. Using the file extension, Windows knows the file type and decides which program will open that file. If the file extension does not show up, follow the instructions at section 2.

The most important file types are: Edition 8. File permissions For each file Windows 7 operative system uses a permission. The security dialog box shows the list of users or groups of users who may access this object, while not listed users may not access it. The owner of the file usually has full control on it and may change permissions or add new authorized groups or users. A special group is the Administrators group containing the users involved in technical administration of computers which has full control on every object.

These are called network folders. Some of them are: Page 12 of 33 Edition 8. Roaming user profile at UNIBZ Whenever the user logs in on a new computer, usually he should find a complete new profile Desktop, icons, Documents, configuration , which is obviously very annoying. This mechanism, called roaming user profile, works fine only if the user is not using too much disk space which is usually MB, but it is a good idea to stay below MB. If the user is over quota, the system sends a warning via email to the user and, if the user remains over quota, this mechanism does not work anymore.

Moreover, if the user still remains over quota, he will be forbidden from saving any file on the computer he is currently using. Therefore it is a good idea to always work on a USB pen drive which is then copied on another personal computer and to periodically check the disk space looking at the proprieties of this directory. If a warning email has been received or, even worse, roaming user profile does not work anymore, files need to be deleted not from the current computer since the mechanism is not working anymore but directly going through this directory.

Paolo Coletti Basic Computer course book 3. Without entering into technical details, this section will explore the situations in which a novice user can find himself in troubles and how he can try to survive dialoguing with network administrators in their own strange technical language. Technical aspects A computer network is a set of devices which communicate and share resources. Server and client A computer network interaction is based on the client server architecture.

When considering a single interaction, one computer is the server and the other one is the client. The server is the computer which is offering its resource, usually programmed to wait until someone asks for its resource. The client is the computer which uses the resource, which sends the request to a waiting server.

The same computer may be the client for a service and the server for another service. For example, a library computer may have a CD inside its reader shared to the network server for the CD and may be at the same time used by a user to print his own documents client for the printer. Inside the LAN every computer is well identified and usually every user is known.

It is considered a trusted area. It is considered a dangerous area. VPN is typically required to identify portable computers connected via wireless connection. Transfer speed The network connecting components are the cables, which determine the speed of the LAN.

Cables have a speed measure in bps bits per second which indicates how many bits can flow through the cable in one second. Page 14 of 33 Edition 8. To find out how much time does it take to transfer a file with a size expressed in bytes, divide the connection speed in bps by 8 to find out the byte rate per second and then divide the file size by the speed to find out the number of seconds it takes for the file transfer.

For example, to transfer a MB file through an Fast Ethernet connection, find out the speed of Communication Inside a computer network many communication programs are installed on Intranet computers to connect to the Internet or even to internal computers. Web browser A web browser is a client program to navigate the WWW and retrieve web pages.

Mail reader A mail reader is a client program to send and retrieve emails. The market leader is Microsoft Outlook, a commercial proprietary software. It has many competitors, the most famous being the open source Mozilla Thunderbird and the free Windows Live Mail. It can be useful for various reasons: it does not require the installation of a mail reader program; old received emails are always available on the website and can thus be accessed from home, office and while traveling, even without a personal laptop; the mailserver takes care of emails backup.

But on the other hand it requires a continuous fast connection even to write a single long email, which can be costly and, in some situations, impossible and usually the email space is limited. The most famous website interfaces are the Microsoft Outlook Web App, where the web interface looks exactly like Microsoft Outlook, and the Webmail interface, used and personalized by most Internet providers. Posta Elettronica Certificata PEC When sending an email, the sender has no proof that it has been sent, for example to be used in a court of justice, and no guarantee that the email has been dispatched.

Some mail readers use a receipt system, but the receiver is not obliged to send back the receipt. In order to overcome these problems, many solutions have been proposed. When an email is sent from a PEC address to another PEC address, the sender receives two receipt: the first one is a proof that the email has been sent with date and time, while the second one is a proof that the email has been dispatched to the mailbox of the receiver or, equivalently, received by the sender.

However, it is important to note that PEC alone does not guarantee that the sender is really the person who claims to be and that content remains unread until it reaches destination.

In order to overcome these last two problems, encryption and digital signature see section 4. The major difference with respect to most Internet communication systems is that WhatsApp uses a fully centralized architecture, i.

Search engines A search engine is a special program running on a website which offers to the user the possibility of searching other websites for specific web pages.

The user needs to connect to the search engine website Page 16 of 33 Edition 8. Paolo Coletti and digit the keywords, or sometimes even a complete question, and the website returns the list of relevant web pages. Search engines use a crawler technique: they continuously go through the known web pages memorizing their content and trying to discover other web pages through the contained links.

The most popular search engines are Google, the current market leader, Yahoo! It has articles for raw beginners as well as more advanced articles. Chuck Easttom brings together up-to-the-minute coverage of all basic concepts, terminology, and issues, along with all the skills you need to get started in the field. Drawing on his extensive experience as a security instructor and consultant, Easttom thoroughly covers core topics, such as vulnerability assessment, virus attacks, hacking, spyware, network defense, passwords, firewalls, VPNs, and intrusion detection.

Following in the footsteps of its bestselling predecessor, Information Security Fundamentals, Second Edition provides information security professionals with a clear understanding of the fundamentals of security required to address the range of issues they will experience in the field. The book examines the elements of computer security, employee roles and responsibilities, and common threats.

Detailing physical security requirements and controls, this updated edition offers a sample physical security policy and includes a complete list of tasks and objectives that make up an effective information protection program. It explains policy format with a focus on global, topic-specific, and application-specific policies. Following a review of asset classification, it explores access control, the components of physical security, and the foundations and processes of risk analysis and risk management.

The text concludes by describing business continuity planning, preventive controls, recovery strategies, and how to conduct a business impact analysis. Each chapter in the book has been written by a different expert to ensure you gain the comprehensive understanding of what it takes to develop an effective information security program.

KEY BENEFIT: This gateway into the world of computer security provides one-volume coverage of all the basic concepts, terminology and issues, along with practical skills essential to security. Topics covered range from those commonly found in security books such as virus attacks, buffer overflow, hacking spyware and network defense, as well as more specialized areas including cyber terrorism, industrial espionage and encryption.

Providing a comprehensive introduction, this volumes examines assessing a target system, denial of service attacks, malware, basics of assessing and securing a system, encryption, Internet fraud, and cyber crime, industrial espionage, cyber terrorism and information warfare, cyber detective, security hardware and software. For system analysts network administrators, network security professionals and security audit professionals.

Author : John A. Effective security rules and procedures do not exist for their own sake-they are put in place to protect critical assets, thereby supporting overall business objectives.

Recognizing security as a business enabler is the first step in building a successful program. Information Security Fundamentals allows future security professionals to gain a solid understanding of the foundations of the field and the entire range of issues that practitioners must address. This book enables students to understand the key elements that comprise a successful information security program and eventually apply these concepts to their own efforts.

It examines the need for management controls, policies and procedures, and risk analysis, and also presents a comprehensive list of tasks and objectives that make up a typical information protection program. The volume discusses organizationwide policies and their documentation, and legal and business requirements.

It explains policy format, focusing on global, topic-specific, and application-specific policies. Following a review of asset classification, the book explores access control, the components of physical security, and the foundations and processes of risk analysis and risk management.

Information Security Fundamentals concludes by describing business continuity planning, including preventive controls, recovery strategies, and ways to conduct a business impact analysis. This package contains the following components: Computer Security Fundamentals Information Security: Principles and Practices.

The sixth edition also includes expansive coverage of embedded device security, attacks and defenses, and the latest developments and trends in information security, including new software tools to assess security. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

We will first cover the basic knowledge needed to understand the key concepts of information security, discussing many of the concepts that underpin the security world. We will then dive into practical applications of these ideas in the areas of operations, physical, network, operating system, and application security.