|< Day Day Up >|| |
There are many different types of removable media available today. Most types of removable media are used for storage, memory, or network connectivity purposes. It is likely that the Security+ exam will expect you to have a basic understanding of the following media types as well as knowledge of the proper procedures for backing up and securing each of them. It is most important that you remember there is no replacement other than a good backup system to ensure that your data will always be available to you. New viruses and mechanisms are constantly being developed to attack your system and steal or destroy your programs and files. Always back up your important media.
Tape is magnetic media on which data can be stored or read. In combination with a tape unit and software, tape can be used to back up information from stand-alone or networked computer systems. Accessing data stored on tape media is considerably slower than using other storage media, such as a hard drive. However, because of their portability, tapes offer a good mobile solution for storing data off site in the event of an emergency. (More details regarding backups and off-site storage will be discussed in Chapter 6). Unfortunately, because of their portability, tapes and their valuable data can also be easily stolen. You should always secure your tapes in a locked box or cabinet located in a secured area.
In regards to securing the data stored on your tapes, any good software package used for backing up data to tape usually includes an encryption scheme that you can use to protect your stored data. Keep in mind, most tape backup encryption methods will affect the performance of your tape backup while it is in the process of backing up data.
There are several types of tape available today. Some of the most popular are as follows:
DLT (digital linear tape): Used to store large amounts of data at very high data transfer rates.
DAT (digital audio tape): Used as a standard medium for recording audio. DAT and DAT units provide a simple and easy-to-use archival system. They are portable and compact.
Tape backup methods, rotation, and disaster recovery methods will be discussed in Chapter 6.
A CD-ROM (CD-R) is an optical storage disk capable of storing large amounts of data. A typical CD-R can hold 600 to 800MB of information. This is equal to the storage capacity of about 700 1.44mb floppy disks. CD-Rs are well suited for storing graphics files, movies, and music. A CD-R is typically written to or burned once with information provided by the manufacturers of the CD-R. Optical media such as a CDs have their information burned into them by a laser beam. Actually, the term burned is used quite loosely. The actual process that takes place for information to be written to a CD involves the changing of the reflective properties of an organic dye that covers a CD by use of a laser. The data can be written to only one disk one time. Reading the data on a CD-R requires the use of a CD-R device or player.
If you are concerned about securing the data stored on CD media, your best bet is to use a third-party utility to encrypt the data that you plan on storing on the CD. If you use CDs in your backup scheme, you should include them in your off-site storage backup rotation plan.
You should know the various types of removable media and the security risks involved with them. Fair warning: the exam is likely to target methods of media and data backup. These might include incremental, differential, and full backups. All of these are detailed in Chapter 6.
Removable hard drives offer the flexibility of making large amounts of data mobile. They are also an excellent alternative to partitioning if you wish to run multiple operating systems from a single system unit. Many businesses and schools implement the use of hot swappable removable hard drives for training programs. You can work on your operating systems and applications, then simply remove the disk from the system and take it with you. The obvious problem here is that the flexibility and mobility of the drive make it very easy to steal. Most removable drives offer a lock and key, which can be used to secure the drive into the system unit. Unfortunately, many of these locks can be easily picked and most of the keys are interchangeable.
The most popular method of securing data on hard drives is through the use encryption. Most new operating systems in use today offer the ability to encrypt data and there are many third-party hard drive security encryption tools available that can help you protect your sensitive data.
Windows 2000 offers the EFS (Encrypted File System), which allows you to encrypt files and folders located on your hard drive. EFS has many benefits. It is very secure and particularly useful for securing laptops and systems that are exposed to the general public. It is very easy to implement, allowing even novice users the ability to use public key encryption. It also offers the ability to have files automatically encrypted when they are stored within a folder. It is important to keep in mind that you can implement EFS only on a drive or partition that has been formatted with NTFS (NT File System.)
A diskette or floppy disk is a magnetic portable storage disk that is often used to store small amounts of data. The major advantage of using a floppy disk is mainly that it is portable. You can move or copy a file or several small files to a floppy and take them with you.
There are two basic forms of floppy disk media available:
5.25-inch: This older style floppy disk was popular in the 1980s. The 5.25-inch floppy came in two common sizes with storage capabilities of 360K and 1.2MB of data. The 5.25-inch floppy disk used a 5.25-inch floppy drive that is now considered obsolete.
3.5-inch: This floppy drive is very common in most computers today. The 3.5-inch floppy disk can store 720K (double density) or 1.44MB (high density) of data.
Because floppy disks or diskettes are portable, they provide a security risk. An attacker can physically insert a floppy disk into your system, copy data to the floppy, and walk away. One way to combat this issue is to have floppy-less systems installed in your 'open-to-the-general-public' production environment, or use an operating systems policy that hides or disables use of the physical floppy drive.
If you need to use your floppy drive and floppy diskettes, you should always write-protect your floppy disk after you have written data to it and removed it from your floppy drive. You should also make a backup copy of your important floppy disks. There is no substitution for a good backup. If you lose your data on your original disk or your original media malfunctions, you can always restore from your backup disk. As a final note, you can protect the files on your diskettes with simple encryption techniques to ensure that your data is secure.
A flash card or memory card is a small portable storage card that has nonvolatile memory, meaning that it will not lose its data when disconnected from a power source. Flash cards are most often used with portable computing devices such as digital cameras, PDAs (Personal Data Assistants), and game controllers. They are commonly used to store data such as text, graphics, audio, and game files. Because they are small in size and can be easily concealed, the obvious security risk with flash cards is that they can be easily stolen.
A smart card (another form of memory card) is a plastic card or token device approximately the size of a credit card that houses a microchip. A smart card can be used in the following ways, in addition to other functions that are currently under development:
Data storage and memory purposes.
Security authentication device to allow access.
Smart cards can also contain important personal information such as bank and credit card information (PINs), biometric details, cryptic key information, and other sensitive data.
A smart card is typically inserted into a smart card reader that reads the data stored on the card. Because of their self-contained design and built-in security features, smart cards are considered to be one of the most secure storage devices available today.
Encrypted keys can be stored on smart cards. Be sure your smart card is stored in a secure place or you could be in a heap of trouble with a client and on the Security+ exam!
|< Day Day Up >|| |