Chapter

3
IPNRTOPEL EECRTYTUAL
LAW

DIGITAL DEVICES
SECURITY, TOOLS&
TECHNOLOGIES FOR
CYBER SECURITY
3.1 DIGITAL DEVICES SECURITY
Digital devices security is the practice of protecting digital devices from unauthorized
access, use, disclosure, disruption, modification, or destruction. It is a critical aspect of
cybersecurity, as digital devices store and transmit a vast amount of sensitive data.
Page | 3.2
Digital Devices Security, Tools &Technologies for Cyber S
There are a number of tools and technologies that can be used to secure digital
Security
including: devices,
Firewalls: Firewalls are barriers that control and monitor incoming and
network traffic. They can be used to block unauthorized access to a outgoing
device
network, and to prevent the spread of malware.
Antivirus Software: Antivirus software is designed to detect and
remove
such as viruses, worms, and Trojan horses. It can also be used to protect againe malwware,
phishing attacks, which are attempts to trick users into revealing personal
information or downloading malware.

Multi-Factor Authentication (MFA): MFA is an extra layer of security that requires

users to provide more than one piece of evidence to verify their identity. This can
help to prevent unauthorized access to accounts, even if a user's passwowd.
compromised.
Virtual Private Networks (VPNs): VPNs create a secure tunnel over the internet.
allowing users to connect to aprivate network remotely. This can be used to Drotat
data from being intercepted by unauthorized parties.
Data Encryption: Data encryption scrambles data so that it can only be read hu
authorized users. This can be used to protect sensitive data, such as financal
information or personal records.

Password Management: Password management tools help users to create and store
strong, unique passwords for all of their online accounts. They can also help users to
change their passwords regularly and to avoid using the same password for multiple
accounts.

In addition to using these tools and technologies, there are a number of other things that
users can do to protect their digital devices, including:
Keeping software up to date: Software updates often include security patches thal
fix vulnerabilities that could be exploited by attackers.
Being cautious about what information you share online: Avoid sharing persona
information, such as your address, phone number, or Social Security number, on
social media or other websites.
 Devices Security, Tools & Technologies for Cyber Security Page | 3.3
Digital

Being careful about what links you click on: Only click on links from trusted
SOurces.

Tastalling apps from trusted sources: Only download apps from official app stores.
Being aware of scams: Scammers often try to trick users into revealing personal
information or downloading malware. Be wary of any emails or text messages that
you receive from unknown senders.
Ry following these tips and using the appropriate tools and technologies, you can help
protect your digital devices from cyberattacks.

R2 SETTING, CONFIGURING AND MANAGING THREE

PASSWORD POLICY IN THE COMPUTER
Setting, configuring, and managing password policies are an essential aspect of
maintaining a secure computing environment.
Implementing strong password policies for BIOS, Administrator, and Standard User
accounts is crucial for safeguarding your computer system against unauthorized access and
cvber threats. Here's a comprehensive guide to managing password policies for each
account type:

(1) BIOS Password

The BIOS password is the first line of defense against unauthorized access to your
computer. It protects the BIOS settings, which control the computer's hardware
configuration and boot process.

Setting and Configuring BIOS Password:

1. Enter BIOS: Restart your computer and pres the appropriate key (usually DEL,
F2, F10, or Esc) during the boot process to enter BIOS setup.
2. Locate Password Settings: Navigate to the security or password settings section in
the BIOS.

3. Set BIOS Password: Enable the BIOS password feature and set a strong,
memorable password.
Pge |3.4 Digital Devices Security. Tools & Technologies for Cyber Secus
4. Save and Exit: Save the
hanges and exit BIOS. Your computer will restart, and y
willbe prompted to enter the BIOS password.

Managing BIOS Password:

To change the BIOS password, enter the current password and then set anew o
To disable the BIOS password, enter the current password and then choose
disable the password feature.

(2) Administrator Password

The administrator password is used to log in to the computer as an administrator. T
Administrator acCount is the most powerful user account on a Wndows computer. IF
full control over the system, induding the ability to install software, modify settings. a
manageother user accounts.

Setting and Configuring Administrator Password:

1. Create a Strong Password: Create a strong password that is at least 8 charact
long and incudes a combination of upper and lowercase letters, numbers, a
symbols.
2. Change Administrator Password: Go to Control Panel ’ User Accounts. Click
the Administrator account and select "Change the password". Enter the curr
passwordand set a new one.
3. Enable Complex Password Requirements: Open Group Policy Edi
(gpedit.msc). Navigate to Computer Configuration ’ Windows Settings
Security Settings ’ Account Policies ’ Password Policy. Enable the "Enfo
password history" and "Minimum password length" policies.
Managing Administrator Password:
Rezularly change the Administrator password to maintain security.
Avoid sharing the Administrator password with others.
Create a separate account with administrative privileges for daily tasks and rest
the use of the Administrator account to sensitive or critical actions.
 Devices Security, Tools &Technologies for Cyber Security Page | 3.5
Digital
Standard User Password
(3)
standard user password is used to log in to the Computer as a standard user.
The
Standard users have limited access to the computer and cannot make changes to the svstem
configuration.
Setting and Configuring Standard User Password:
Create Standard User Accounts: Go to Control Panel ’ User Accounts. Click on
"Manage user accounts" and then "Add a new user. Create a standard user
account and set astrong password.

2 Enable Complex Password Requirements: Follow the same steps as for the
Administrator account to enable complex password requirements for standard
users.

Managing Standard User Password:

Encourage standard users to use strong passwords and avoid sharing them with
others.
.ers
nd Regularly remind standard users to change their passwords.
Monitor standard user activity for suspiious behavior.

ent
Additional Tips for Password Management:
It is important to manage your passwords carefully to prevent unauthorized access to
tor
your computer.

Here are some tips for managing your passwords:

Ice
Create strong passwords that are at least 8 characters long and include a mix of
upper and lowercase letters, numbers, and svmbols.
Donot use the same password for multiple accounts.
Change your passwords regularly. Implement password expiry policies to require
users to change their passwords periodically.
rid
Avoid writing your passwords down where they can be easily found.
Avoid using easily guessable passwords, such as birthdays or personal information.
 Page | 3.6
Digital Devices Security, Tools &Technologies for Cyber
Enable two-factor authentication (2FA) for added security.
Secur
bducate users about password security practices and phishing scams.
By following these tips, you can help to keep your computer safe from
access. unauthorize
3.3 SETTING AND CONFIGURING TWO FACTOR
AUTHENTICATION IN THE MOBILE PHONE
Setting up and configuring two-factor authentication (2FA) on your mobile phone is.
essential step in enhancing your account security and protecting your personal informab
2FA adds an extra layer of protection by requiring a second verification method in addi.
to your password when logging in. This second factor carn be in the form of a code sent t

your phone via SMS, a code generated by an authenticator app, or a physical security key
Here's a general guide on how to set up and configure 2FA on your mobile phone:
1. Choose a 2FA method: Decide which 2FA method you prefer to use: SMG
Authenticator app, or Security key. Each method has its own advantages an
disadvantages.
each onlin
2. Enable 2FA for your online accounts: Go to the security settings of
to enable 2REA
account you want to protect with 2FA and look for the option
Follow the instructions provided by the specific service to set up your chosen 2F
method.
numbe
3. Set up SMS 2FA: If you choose SMS 2FA, provide your mobile phone
in to
when prompted. You will receive a code via SMS whenever you try to log
your account on a new device or after a certain period of inactivity.
2FA, downloac
4. Set up Authenticator App 2FA: If you choose authenticator app
and install an authenticator app on your mobile phone. Popular options include
Google Authenticator, Microsoft Authenticator, and Authy. Scan the QR code om
enter the secret key provided by the online service into the authenticator app. The
app willgenerate a code every time you log in to your account.

5. Set up Security key 2FA: If you choose security key 2FA, purchase a security key
and register it with your online accounts. You will need to physically insert the
 Security, Tools &Technologies for Cyber Security Page | 3.7
Digital.Devices
ty security key into your mobile device or computer when prompted to complete the
login process.
Testyour 2FA setup: Once you have set up 2FA for your online accounts, test it by
krving to log in to your accounts on a new device or after a period of inactivity.
Make sure you can successtully receive and enter the verification code or use the
security key to complete the login process.
7 Save Backup codes: Many online services provide backup codes that you can use
bn log in if you lose access to your phone or authenticator app. Keep these backup
codes in a safe place and make sure they are only accessible to you.

8. Keep your mobile phone secure: Protect your mobile phone with a strong
password, PIN, or fingerprint authentication. This ensures that even if your phone
te lost or stolen, unauthorized individuals will not be able to access your 2FA codes
or authenticator app.

Update your 2FA settings regularly: Review your 2FA settings periodically and
make sure they are still up-to-date and reflect your current security needs.
Consider updating your backup codes if you have lost access to your previous
ones.

e
By following these steps and implementing strong security practices, you can
significantly enhance the security of your online accounts and protect them from
unauthorized access.

3.4 SECURITY PATCH MANAGEMENT AND UPDATES IN

COMPUTERS AND MOBILES
Security patch management is a crucial aspect of cybersecurity, ensuring that software
and operating systems are up-to-date with the latest security patches to protect against
vulnerabilities and cyberattacks. Maintaining up-to-date security patches on both computers
and mobile devices is essential for safeguarding your personal information and preventing
unauthorized access.
Security patches are released by software vendors to fix vulnerabilities in their products.
These vulnerabilities can be exploited by attackers to gain unauthorized access to systems,
 Page | 3.8 Digital Devices Security, Tools &Technologies for
Cyber Security
steal data, or cause damage. Regularly applying security patches 1s the singie most effecti
way to protect against cyberattacks. It is an essential part of cybersecurity
for both
individuals and organizations.
3.4.1 Importance of Security Patch Management
Security patch management isimportant in computers and mobiles because it helps to
protect against vulnerabilities that can be exploited by attackers to gain access to
devices and data.
your
Vulnerability isaweakness in software or hardware that can be used by an atacle.
cause harm. Vulnerabilities can be found in operating systems, applications, and firmware
Attackers can use vulnerabilities to:

Steal your personal information, such as your name, address, and credit av
number.

Install malware on your device that can steal your dataor damage your files.
Take control of your device and use it for malicious purposes.
vulnerabilities i
"Security patches are pieces of software that are designed to fix
software or operating systems."
There are a number of reasons why security patch management is important:
It reduces the risk of data breaches. Vulnerabilities can be exploited to stea
sensitive data, such as customer information, financial records, or intellectua
property. Regularly applying security patches can significantly reduce the risk o
data breaches.

" It protects against malware. Malware is software that is designed to harm you
computer system. Malware can steal data, instalother malware, or even hold you
data hostage for ransom. By applying patches promptly,you can help to preven
malware from infecting your system.
It improves system stability. Unpatched vulnerabilities can sometimes cause system
instability and crashes. By applying patches promptly, you can help to keep youm
system running smoothly.
 Security. Tools &Technologies for Cyber Security Page | 3.9
DigitalDDevices

t reduces the risk of legal penalties and non-compliance fines. Many industries
have regulations that require organizations to implement effective patch
management procedures. Failure to comply with these regulations can result in
fines, penalties, or reputational damage.
reduces costs. Cyberattacks can be costly, both in terms of direct financial losses
and indirect costs such as damage to reputation, productivity losses, and legal
expenses. Regularly applying security patchescan help to reduce these costs.
There are a number of things you can do to ensure that your computers and mobiles are
up-to-date with the latest security patches:

Enable automatic updates: Most software will automatically download and install
patches. Make sure that automatic updates are enabled for all of your software.
Check for updates regularly: Even if automatic updates are enabled, it is a good
idea to check for updates regularly. This is especially important for critical software,
such as your operating system and web browser.

Install updates promptly: When you are notified that an update is available, install
it as soon as possible. Do not wait until you have time, as this could leave your
system vulnerable to attack.

3.4.2 Security Patch Management Process

There are a few steps that you can take to implement security patch management:

1. Identify and prioritize vulnerabilities: You can identify vulnerabilities in your

systems through vendor notifications, security scans, or vulnerability databases.
Prioritize vulnerabilities based on their severity and potential impact.
2. Acquire security patches: Obtain security patches from software vendors. Ensure
that the patches are compatible with your systems and do not introduce new
problems.
3. Deploy security patches: Deploy security patches to your systems in a timely
manner. Test the patches to ensure that they do not cause any disruptions.
4. Monitor and verify: Monitor your systems for successful patch deployment. Verify
that the patches have effectively addressed the vulnerabilities.
 Page | 3.10 Digital Devices Security, Tools &Technologies for Cyber
3.4.3 Manage Security Patches for Computers and Mobiles
Security
Managing security patches for computers and mobiles is crucial for
devices and data from cyberattacks. safeguarding your
Here are the steps on how to manage security patches for computers and mobiles:
1. EnableAutomatic updates: Most operating systems, such as Microsoft
Apple macOS, Android and iOS have a built-in feature that will automatically check Windows,
for and install security patches. This is the easiest way to keep your computer or
mobile up to date.
2. Use a Centralized patch management tool: If you have a large number of
computers or mobiles, you may want to use a centralized patch management tonl
This will allow you to manage patches from a single location and make sure that all
of your computers or mobiles are up to date.
3. Manually install security patches: If you are not comfortable with automatie
updates or if you need to install a patch immediately, you can manually install
security patches. To do this, you will need to download the patch from the
software vendor's website and then install it on your computer or mobile.

In addition to the steps above, you should also make sure to:

Keep your software up to date: Software vendors often release security patches to
fix vulnerabilities in their software. Make sure that you are always running the latest
version of your software to minimize the risk of being attacked.
Use strong passwords: Strong passwords are important for protecting your accounts
from unauthorized access. Make sure that your passwords are at least 8 characters
long and include amix of upper and lowercase letters, numbers, and symbols.
Be careful about what you click on: Phishing e-mails and websites are a common
way for attackers to trick people into revealing their personal information or
installing malware on their computers. Be careful about what you click on and only
open e-mails and attachments from people you trust.
By following these steps, you can help to protect your computers and mobiles from
cyberattacks.
 Devlces Security,, Tools &Technologies for Cyber Security Page | 3.11
plgital

3.5 MANAGING APPLICATION PERMISSIONS IN MOBILE

PHONE
Managing application permissions on your mobile phone is an important step in
protecting your privacy and security. Every APP you download requests access to certain
permissions, such as your contacts, location, camera, and microphone. It's important to
reviewthese permissions carefully before granting them.

3.5.1 Types of APP Permissions

Mobile apps request various permissions to function properly, such as accessing your
contacts, location, camera, or storage. While some permissions are essential for the app's
Corefunctionality, others may raise privacy concerns.
Some of the common APP permissions include:
Location Access: Allows apps to track your location data, which can be used for
navigation services, weather updates, or location-based advertising.
Camera Access: Grants apps the ability to capture photos and videos, which is
necessary for camera apps, social media sharing, or augmented reality experiences.
Microphone Access: Enables apps to record audio, essential for voice calls, voice
assistants, or audio recording apps.
Storage Access: Allows apps to read, write, or modify data stored on your device,
often required for storing app data, downloading files, or managing media.
" Contacts Access: Grants apps permission to access your contact list, which can be
used for social networking, messaging apps, or caller ID identification.
Phone Access: Allows apps to make and manage phone calls,send SMS messages,
or access call logs, often required for communication apps or call management tools.
Sensors Access: Enables apps to access various sensors on your device, such as the
accelerometer, or proximity sensor, which can be used for fitness tracking, gaming,
or motion-based features.
Page | 3.12
Digital Devices Security, Tools &Technologies for Cyber
3.5.2 Managing APP
Permissions
Security
To manageapp permissions on your mobile phone:
Open Settings: Access the Settings app on your mobile device.
" Locate Apps: Find the "Apps" or "Applications" section in the Settings menu.
Choose App: Select the app you want to manage permissions for.
Review Permissions: Tap on "Permissions" to view the list of
to the app. permissions granted
Grant or Deny ermissions: Toggle the permission switches to enable or disak.
access for each permission.

General Tips for Managing App Permissions

Limit Unnecessary Permissions: Only grant permissions that are
necessary for the app's functionality. Avoid granting permissions that seor absolutely
unrelated to the app's purpose.
V Review Permissions Regularly: Periodically review the permissions granted to
your apps toensure they are still aligned with your needs and privacy preferenges
Revoke Unused App Permissions: If you no longer use an app, revoke all
permissions granted to it to minimize potential risks.
Beware of Overly Permissive Apps:Be cautious when installing apps that request
awide range of permissions that seem excessive for their intended purpose.
Install Apps from Trusted Sources: Download apps from official app stores like
Google Play Store or Apple App Store to minimize the risk of malicious apps.
V Read App Privacy Policies: Review app privacy policies before installing to
understand how they collect, use, arnd share your data.

Keep Operating System Updated: Ensure your mobile phone's operating system
is up-to-date, as updates often incdude security enhancements and improved
permission managemernt capabilities.
Educate Yourself:Stay informed about the potential risks associated with granting
certain permissions to apps.
 &
Devices
Security, Tools Technologies for Cyber Security
Digital
AND ANTIVIRUS Poge|3.13
VIRUS
B61
resources under
(Vitalinformation seize)
is a
Virus
t o harm your computer. It is
loaded
onto your malicious software program that is
computer without your
,
designed wishes. Once a
against your virus is on your knowledge
and even steal computer, it can
runs
And other files, damage your data, replicate itself and
to your personal infected websites, or
canspreadromone computer to another through e-mail attachments,
spread

drives.
information. Viruses
emovable mediasuch as USB
program that is
Antivirus: software is a designed to protect your computer
software works by scanning your computer for from viruses.
Antivirus
e offers real-time protection,
viruses and removing them. Most
software
antivirus
threats. Some
antivirus continuously
software includes monitoring your system for new
malware
parentalI controls, and phishing protection.
additional security features like-
irewalls,
Someofthe most popular antivirus programs are:
MCAfee Antivirus Plus
Bitdefender Antivirus Plus
ESET NOD32 Antivirus

Bitdefender Antivirus Plus

Kaspersky Internet Security

Malwarebytes Premium

36.1 Installation and Configuration of Computer Antivirus

Installing and configuring antivirus software on your computer is essential for
protecting yourself from viruses, malware, and other online threats.
Here's a step-by-step guide to installing and configuring antivirus software on your
system:

Slep 1: Download the Antivirus Software

I. Choose antivirus software that is compatible with your operating system and
360, Bitdefender Total
eets your security needs. Popular options include- Norton
 Page | 3.14 Digital Devices Security, Tools &Technologies for Cyber Security

Security, McAfee Total Protection, Kaspersky Internet Security, and Malwarebytee

Premium.
2. Download the antivirus software from the official website of the vendor. Make sure
just the trial version.
to download the full installation file and not
Step 2: Install the Antivirus Software
the antivirus software has downloaded, double-click the installation 6l
I. Once
start the installation process.
complete the installation process. This may
2. Follow the on-screen instructions to
accepting the license agreement, selecting the installation options. ana
involve
antivirus software vendor.
creating an account with the
3. Once the installation is complete, the
antivirus software will start automatical
any existing threats.
and begin scanning your computer for

Step 3: Configure Antivirus Settings

Open the antivirus software's main dashboard or settings menu. This can usually
1.
or through the Start menu.
be accessed from the system tray icon
Familiarize yourself with the varioussettings options available. These may incude
2.
exclusion lists, and notifications.
real-time protection, scanning schedules,
Configure the settings according to your preferences. For example, you can set up
3. scanning, and adjust the level of
regular scans, exclude certain files or folders from
notifications you receive.
continuously monitor your system for
4. Make sure real-time protection is enabled to
incoming threats.

Step 4: Scan Your Computer

your computer to
1. Once the antivirus software is configured, run afull scan of
detect any existing malware.

Step 5: Update Antivirus Software Regularly

1. Antivirus software updates are crucial for maintaining protection against the latest
threats. Most antivirus software programs have an automatic update feature.
Digital
| Devices Security,,Tools &Technologies for Cyber Security Page | 3.15

2. Check for updates regularly to ensure you have the latest protection. Some
programs may notiy you when updates are available.
3. Install updates promptdy to maintain optimal security.

B.7 W-FISECURITY MANAGEMENT IN COMPUTERAND

MOBILE
Wireless networks, commonly krnown as Wi-Fi, have become an indispensable part of
Our daily lives. They provide converient access to the internet and allow us to connect
various devices, from laptops and smartphones to smart home appliances. However, with
his convenience comes the responsibility of ensuring that our Wi-Fi networks are secure
and protected from potential threats.

Why is Wi-Fi Security Importat?

Unsecured Wi-Fi networks can be easily exploited by maliious actors, leading to
various security risks:

Unauthorized Access: Hackers can gain access to your network, potentially stealing
sensitive data or installing malware on your devices.
Data Interception: Your personal information, such as browsing history, emails, and
financial data, can be intercepted and compromised.
Malware Distribution: Malicious software can be spread through your network,
infecting other connected devices.
Network Disruptions: Hackers can disrupt your network connectivity, causing
inconvenience and productivity loss.

3.7.1 W-Fi Security Management

Managing Wi-Fisecurity is crucial to protect your computer and mobile devices from
unauthorized access and potential security threats. Here are general guidelines for Wi-Fi
Security management on both computers and mobile devices:
 Page | 3.16
Digital Devices Security, Tools & Technologies for Cyber
> Strong Wi-Fi Password Securit
Use a strong password that is at least 8 characterslong and includes a
of uppercase and lowercase letters, numbers, and symbols. combinatio-
Avoid using common words, phrases, or personal information in your W:
password.

Change your Wi-Fi password regularly, every 3 to 6 months, to minimize the risl.
unauthorized access.
> WPA2 or WPA3 Encryption
Ensure your Wi-Fi network is using WPA2 or WPA3 encryption, which are the me
secure encryption protocols available for Wi-Fi networks.

Avoid using outdated encryption protocols like WEP, which are vulnerable +
security breaches.

Avoid using public Wi-Fifor sensitive activities

Public Wi-Fi networks are often less secure than private networks. Avoid accessin
sensitive information, such as online banking or email, while connected to publi
Wi-Fi.

> Use a VPN

A VPN (Virtual Private Network) encrypts your internet traffic, making it mor
difficult for attackers to intercept and steal your data. Consider using a VPN wher
connecting to public Wi-Fi or when accessing sensitive information online.

> Monitor Network Activity

Keep an eye on your network activity to identify any suspicious devices or unusua
traffic patterns. This can help you detect unauthorized access or potential malware
infections.

> Use Antivirus and Anti-malware Software

Install and maintain antivirus and anti-malware software on your computer and
mobile devices.
 Digital Devices Security, Tools &Technologies for Cyber Security Page | 3.17
y
These tools can detect and remove malware that could compromise your security
when connecting to Wi-Fi networks.
n Keep your antivirus and anti-malware software up-to-date to ensure it is
effective
against the latest threats.

> Be cautious about what you download

Avoid downloading files or applications from
untrustworthy sources, as they could
ontain malware that could compromise your security.
Keep your devices up to date
Software updates often contain security patches that address
vulnerabilities. Make
sure your operatng system, applications, and router software are up to date.

> Disable File sharing

If you don't need to share fles on your Wi-Fi
network, disable file sharing to reduce
the risk of unauthorized access to your files.

Change the default Wi-Fi network name (SSID)

The default SSID of your router is often easily
recognizable, making it easier for
attackers to target your network. Change the SSID to aunique and non-identifiable
name.

> Disable Guest Wi-Fi if not in use

Guest Wi-Fi networks are often less secure than the main network. Disable guest Wi
Fi when not in use to reduce the attack surface.

> Be aware of phishing and social engineering scams

Phishing and social engineering scams often attempt to trick you into revealing your
Wi-Fi password or other sensitive information. Be cautious about clicking on
suspicious links or opening attachments from unknown senders.
> Educate users about Wi-Fisecurity
Make sure all users of your Wi-Finetwork are aware of the importance of security
and follow best practices to protect their data and privacy.
 Page | 3.18 Digital Devices Security, Tools &
Technologies for Cyber
By implementing these Wi-Fi security measures, you can Securlty
security of your computer and mobile devices when
connectingsignificantlWiy -Fienhance tho
to
protecting your data and privacy from unauthorized access and cyber threats
networks,