logging in or signing up Windows Vista Inside Out abdul3stripes Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 12 Category: Product Traini.. License: All Rights Reserved Like it (0) Dislike it (0) Added: September 08, 2009 This Presentation is Public Favorites: 0 Presentation Description document rename Comments Posting comment... Premium member Presentation Transcript Chapter 27 – Advanced Internet Explorer 7 Security and Administration : Chapter 27 – Advanced Internet Explorer 7 Security and Administration Slide 2: All the tools and techniques described in this chapter are available in all editions Working with (and Around) Protected Mode : Working with (and Around) Protected Mode Protected Mode stops websites from Installing programs without permission Changing system settings Applied to all sites except ones in the Trusted Sites zone By default, Protected Mode is on Low Folders : Low Folders These Low folders are used by IE 7 They have the same low privilege levels as IE 7 in Protected Mode Cache %LocalAppData%\Microsoft\Windows\Temporary Internet Files\Low Temp %LocalAppData%\Temp\Low Cookies %AppData%\Microsoft\Windows\Cookies\Low History %LocalAppData%\Microsoft\Windows\History\Low Virtual Folders : Virtual Folders Program Files Windows folders Registry Windows silently redirects the file write operation to a virtual equivalent The program continues, without knowing where the file really was stored Broker Process : Broker Process When Internet Explorer needs to read those virtualized files A broker process intercepts the operation Shows a User Account Control dialog box before the process can continue Disabling Protected Mode : Disabling Protected Mode This exposes you to risks, but may be necessary to use some websites Tools, Internet Options, Security tab Clear "Enable Protected Mode" Slide 8: Internet All sites that are not included in any other category Local Intranet Sites on your local network Trusted Sites (empty on a clean installation of Windows) (empty on a clean installation of Windows) Trusted Sites : Trusted Sites "Medium" security level Internet Explorer’s Protected Mode security is disabled This allows some ActiveX controls to run Adding Sites to the Trusted Zone : Adding Sites to the Trusted Zone On the Security tab of the Internet Options dialog box. Click Trusted Sites Click Sites By default, sites must be secure (https) Otherwise you don't really know if they are genuine Restricted Sites : Restricted Sites High security Scripting disabled This zone is the default for HTML-formatted e-mail you read using Microsoft Outlook or Windows Mail Adding Sites to the Restricted Zone : Adding Sites to the Restricted Zone On the Security tab of the Internet Options dialog box. Click Restricted Sites Click Sites No need for sites to be secure Changing a Zone’s Security Settings : Changing a Zone’s Security Settings Use the slider to adjust the security level Custom level for detailed settings Protecting Yourself from Unsafe and Unwanted Software : Protecting Yourself from Unsafe and Unwanted Software Authenticode Signed controls will prompt warnings like this: Add-on Installer : Add-on Installer Always install Never install Slide 25: Internet Options, Content tab, Publishers Two fake Microsoft certificates appear in "Untrusted Publishers" Blocking Potentially Unsafe Downloads : Blocking Potentially Unsafe Downloads Half the failures in Windows are caused by "deceptive software" Malicious software spread by instant messages, email, or Web pages False error messages, offers, etc. Spyware? Adware? What's the Difference? : Spyware? Adware? What's the Difference? Spyware gathers information about you and your browsing activities Downloading Executable Files : Downloading Executable Files You must approve two separate Security Warnings to download a program in Internet Explorer Running a Downloaded File : Running a Downloaded File How do You Know that a Program is Safe? : How do You Know that a Program is Safe? If a file is digitally signed, you might be comfortable trusting the publisher If it isn't digitally signed, search for complaints about the program in Google Groups (http://groups.google.com) Set a System Restore point before installing Keeping ActiveX Under Control : Keeping ActiveX Under Control ActiveX and Viruses : ActiveX and Viruses You cannot download an ActiveX control, scan it for viruses, and install it separately ActiveX controls must be installed on the fly You're protected from known viruses if you've configured your antivirus software to perform real-time scanning for hostile code ActiveX Security Settings : ActiveX Security Settings Internet Options Security tab Internet Custom Level See p. 894 for a list of ActiveX security settings Using Scripts Wisely : Using Scripts Wisely Scripts are small programs Written in a scripting language such as JavaScript or VBScript Scripts run on the client computer See links Ch 27a, 27b Hostile scripts can be embedded in Web pages or in HTML-formatted e-mail messages You can disable scripts in Internet Options, the same way you control ActiveX control security Tip: For real safe browsing, use Firefox with the Noscript extension Browser Add-ons : Browser Add-ons Add-ons can provide New toolbars, Explorer bars, menus, buttons, extended search capabilities, manage the process of filling in forms, save bookmarks, etc. These add-ons take the form of browser extensions, browser helper objects (BHOs), toolbars, Java applets, and ActiveX controls, and more Add-ons can also cause crashes, pop-ups, act as Spyware, etc. Installing, Removing, and Troubleshooting Add-ons : Installing, Removing, and Troubleshooting Add-ons In IE 7, Tools, Manage Add-Ons, Enable or Disable Add-ons Slide 37: The Manage Add-ons box does not provide an uninstallation option You have to find the program that installed an add-on and uninstall it Some malicious add-ons hide and do not appear in this box Managing Cookies : Managing Cookies A cookie is a small text file It enables a Web site to personalize its offerings in some way Stored in %UserProfile%\AppData\Roaming\Microsoft\Windows\Cookies Cookies are used recording logon information, shopping preferences, etc. Privacy Concerns : Privacy Concerns Cookies may contain information you typed into a Web page This information can be read only by the site that created the cookie BUT: Third-party cookies cheat and get around this rule (See link Ch 27c) Platform for Privacy Preferences P3P : Platform for Privacy Preferences P3P Cookie Privacy Settings : Cookie Privacy Settings Tools, Internet Options, Privacy tab Block All Cookies High Medium High Medium Low Accept All Cookies The default setting is Medium Slide 42: When Internet Explorer blocks a cookie, it displays an icon on your status bar To find out what cookie was blocked and why, double-click this icon to see Privacy Report Viewing a Site's Privacy Report : Viewing a Site's Privacy Report Click on a site in Privacy Report, click Settings to see Privacy Policy Always Allow This Site To Use Cookies Never Allow This Site To Use Cookies Changing the Size of the Cache : Changing the Size of the Cache Tools, Internet Options, General Tab In the Browsing History section, click Settings You can also set how often IE checks for new versions of pages here Shift-Refresh to force a new load Blocking Objectionable Content : Blocking Objectionable Content Content Advisor blocks sites that are rated outside your acceptable limits It uses the Internet Content Rating Association (ICRA) system Not all Internet content is rated By default, Content Advisor blocks pages that don't have a rating Slide 56: Available in several languages Used to customize the Internet Explorer interface and control browser settings Especially those related to security You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
Windows Vista Inside Out abdul3stripes Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 12 Category: Product Traini.. License: All Rights Reserved Like it (0) Dislike it (0) Added: September 08, 2009 This Presentation is Public Favorites: 0 Presentation Description document rename Comments Posting comment... Premium member Presentation Transcript Chapter 27 – Advanced Internet Explorer 7 Security and Administration : Chapter 27 – Advanced Internet Explorer 7 Security and Administration Slide 2: All the tools and techniques described in this chapter are available in all editions Working with (and Around) Protected Mode : Working with (and Around) Protected Mode Protected Mode stops websites from Installing programs without permission Changing system settings Applied to all sites except ones in the Trusted Sites zone By default, Protected Mode is on Low Folders : Low Folders These Low folders are used by IE 7 They have the same low privilege levels as IE 7 in Protected Mode Cache %LocalAppData%\Microsoft\Windows\Temporary Internet Files\Low Temp %LocalAppData%\Temp\Low Cookies %AppData%\Microsoft\Windows\Cookies\Low History %LocalAppData%\Microsoft\Windows\History\Low Virtual Folders : Virtual Folders Program Files Windows folders Registry Windows silently redirects the file write operation to a virtual equivalent The program continues, without knowing where the file really was stored Broker Process : Broker Process When Internet Explorer needs to read those virtualized files A broker process intercepts the operation Shows a User Account Control dialog box before the process can continue Disabling Protected Mode : Disabling Protected Mode This exposes you to risks, but may be necessary to use some websites Tools, Internet Options, Security tab Clear "Enable Protected Mode" Slide 8: Internet All sites that are not included in any other category Local Intranet Sites on your local network Trusted Sites (empty on a clean installation of Windows) (empty on a clean installation of Windows) Trusted Sites : Trusted Sites "Medium" security level Internet Explorer’s Protected Mode security is disabled This allows some ActiveX controls to run Adding Sites to the Trusted Zone : Adding Sites to the Trusted Zone On the Security tab of the Internet Options dialog box. Click Trusted Sites Click Sites By default, sites must be secure (https) Otherwise you don't really know if they are genuine Restricted Sites : Restricted Sites High security Scripting disabled This zone is the default for HTML-formatted e-mail you read using Microsoft Outlook or Windows Mail Adding Sites to the Restricted Zone : Adding Sites to the Restricted Zone On the Security tab of the Internet Options dialog box. Click Restricted Sites Click Sites No need for sites to be secure Changing a Zone’s Security Settings : Changing a Zone’s Security Settings Use the slider to adjust the security level Custom level for detailed settings Protecting Yourself from Unsafe and Unwanted Software : Protecting Yourself from Unsafe and Unwanted Software Authenticode Signed controls will prompt warnings like this: Add-on Installer : Add-on Installer Always install Never install Slide 25: Internet Options, Content tab, Publishers Two fake Microsoft certificates appear in "Untrusted Publishers" Blocking Potentially Unsafe Downloads : Blocking Potentially Unsafe Downloads Half the failures in Windows are caused by "deceptive software" Malicious software spread by instant messages, email, or Web pages False error messages, offers, etc. Spyware? Adware? What's the Difference? : Spyware? Adware? What's the Difference? Spyware gathers information about you and your browsing activities Downloading Executable Files : Downloading Executable Files You must approve two separate Security Warnings to download a program in Internet Explorer Running a Downloaded File : Running a Downloaded File How do You Know that a Program is Safe? : How do You Know that a Program is Safe? If a file is digitally signed, you might be comfortable trusting the publisher If it isn't digitally signed, search for complaints about the program in Google Groups (http://groups.google.com) Set a System Restore point before installing Keeping ActiveX Under Control : Keeping ActiveX Under Control ActiveX and Viruses : ActiveX and Viruses You cannot download an ActiveX control, scan it for viruses, and install it separately ActiveX controls must be installed on the fly You're protected from known viruses if you've configured your antivirus software to perform real-time scanning for hostile code ActiveX Security Settings : ActiveX Security Settings Internet Options Security tab Internet Custom Level See p. 894 for a list of ActiveX security settings Using Scripts Wisely : Using Scripts Wisely Scripts are small programs Written in a scripting language such as JavaScript or VBScript Scripts run on the client computer See links Ch 27a, 27b Hostile scripts can be embedded in Web pages or in HTML-formatted e-mail messages You can disable scripts in Internet Options, the same way you control ActiveX control security Tip: For real safe browsing, use Firefox with the Noscript extension Browser Add-ons : Browser Add-ons Add-ons can provide New toolbars, Explorer bars, menus, buttons, extended search capabilities, manage the process of filling in forms, save bookmarks, etc. These add-ons take the form of browser extensions, browser helper objects (BHOs), toolbars, Java applets, and ActiveX controls, and more Add-ons can also cause crashes, pop-ups, act as Spyware, etc. Installing, Removing, and Troubleshooting Add-ons : Installing, Removing, and Troubleshooting Add-ons In IE 7, Tools, Manage Add-Ons, Enable or Disable Add-ons Slide 37: The Manage Add-ons box does not provide an uninstallation option You have to find the program that installed an add-on and uninstall it Some malicious add-ons hide and do not appear in this box Managing Cookies : Managing Cookies A cookie is a small text file It enables a Web site to personalize its offerings in some way Stored in %UserProfile%\AppData\Roaming\Microsoft\Windows\Cookies Cookies are used recording logon information, shopping preferences, etc. Privacy Concerns : Privacy Concerns Cookies may contain information you typed into a Web page This information can be read only by the site that created the cookie BUT: Third-party cookies cheat and get around this rule (See link Ch 27c) Platform for Privacy Preferences P3P : Platform for Privacy Preferences P3P Cookie Privacy Settings : Cookie Privacy Settings Tools, Internet Options, Privacy tab Block All Cookies High Medium High Medium Low Accept All Cookies The default setting is Medium Slide 42: When Internet Explorer blocks a cookie, it displays an icon on your status bar To find out what cookie was blocked and why, double-click this icon to see Privacy Report Viewing a Site's Privacy Report : Viewing a Site's Privacy Report Click on a site in Privacy Report, click Settings to see Privacy Policy Always Allow This Site To Use Cookies Never Allow This Site To Use Cookies Changing the Size of the Cache : Changing the Size of the Cache Tools, Internet Options, General Tab In the Browsing History section, click Settings You can also set how often IE checks for new versions of pages here Shift-Refresh to force a new load Blocking Objectionable Content : Blocking Objectionable Content Content Advisor blocks sites that are rated outside your acceptable limits It uses the Internet Content Rating Association (ICRA) system Not all Internet content is rated By default, Content Advisor blocks pages that don't have a rating Slide 56: Available in several languages Used to customize the Internet Explorer interface and control browser settings Especially those related to security