3.

2 SETTING,CONFIGURING AND
MANAGING THREE
PASSWORD POLICY IN THE COMPUTER
Setting, configuring, and managing password policies are an
maintaining asecure computing environment. essential aspect of
Implementing strong password policies for BIOS, Administrator, and Standard User
accounts is crucial for safeguarding your computer system against
cyber threats. Here's a comprehensive guide to managing
unauthorized access and
password policies for each
account type:

(1)BIOS Password
The BIOS password is the first line of defense against unauthorized access to your
computer. It protects the BIOS settings, which control the computer's hardware
Configuration and boot process.
Seting and Configuring BIOSPassword:
L. Enter BIOS: Restart your computer and press the appropriate key (usually DEL,
F2, F10, or Esc) during the boot process to enter BIOS setup.
2. Locate Password Settings: Navigate to the security or password settings section in
the BIOS.
Oet BIOS Password: Enable the BIOS password feature and set a strong,
memorable password.
 changes and exit BIOS. Your computer will
4. Save and
willbe
Exit:
prompted
Save
to
the
enter the BIOS password. restart, and yoy
Managing BIOS Password:
password, enter the current password and then sos.
Tochange the BIOS
To disable the BIOS password, enter thhe current password and then cho0se to
disable the password feature.

(2) Administrator Password

The administrator password is used to log in to the computer as an administrator Th.
Administrator account is the most powerful user account on a Windows computer. It ha:
full control over the system, including the ability to install software, modify settings, and
manage other user accounts.

Settingand Configuring Administrator Password:

characters
1. Create a Strong Password: Create a strong password that is at least 8
long and includes a combination of upper and lowercase letters, numbers, atd
symbols.
User Accounts. Click on
2. Change Administrator Password: Go to Control Panel >
password". Enter the current
the Administrator account and select "Change the
password and set a new one.
Editor
3. Enable Complex Password Requirements: Open Group Policy
Windows Settings
([Link]). Navigate to Computer Configuration ’
Enablethe
"Enforce
Security Settings ’ Account Policies ’ Password Policy.
password history" and "Minimum password length" policies.
Managing Administrator Password:
Regularly change the Administrator password to maintain secu
Avoid sharing the Administrator password with and
restrit

others. for daily tasks

Create a separate account with
administrative privileges
the use of the Administrator account to
sensitive or critical acuo
 Page | 3.5
Security, Tools &Technologies for Cyber Security
DigitalI Devices

Standard User Password

(3):
The standard user password is used to log in
to the Computer as a standard user.
Standard users have limited access to the computer and cannot make changes to the system
contiguration.

Setting and Configuring Standard User Password:

1. Create Standard User Accounts: Go to Control Panel ’ User Accounts. Click on
"Manage user accounts" and then "Add a new user". Create a standard user
account and set a strong password.
2. Enable Complex Password Requirements: Follow the same steps as for the
Administrator account to enable complex password requirements for standard
users.

ManagingStandard User Password:

Encourage standard users to use strong passwords and avoid sharing them with
others.

Regularly remind standard users to change their passwords.

Monitor standard user activity for suspicious behavior.

Additional Tips for Password Management:

to
It is important to manage your passwords carefully to prevent unauthorized access
your computer.
Here are some tips for managing your passwords:
Create strong passwords that are at least 8 characters long and include a mix of
upper and lowercase letters, numbers, and symbols.
Do not use the same password for multiple accounts.
Change your passwords regularly. Implement password expiry policies to require
users to change their passwords periodically.
Avoid writing your passwords down where they can be easily found.

Avoid using easily guessable passwords, such as birthdays or personal information.

 Security, Tools & Technologies for
Page | 3.6
Digital Devices
Cyber Secuty
authentication (2FA) for added security.
Enable two-factor
and phishing scams.
password security practices
Educate users about
to keep your computer safe from
By following these tips, you
access.
can help
unauthorized
SETTING AND CONFIGURING TWOFACTOR
3.3
AUTHENTICATION IN THE MOBILE PHONE
configuring two-factor authentication (2FA) on your mobile nhoss.
Setting up and
essential step in enhancing your account security and protecting your personal information.
2FA adds an extra layer of protection by requiring a second verification method in addition
password when logging in. This second factor can be in the form of a code sont,
to your
apP, or a physical security key.
your phone via SMS, a code generated by an authenticator
phone:
Here'sa general guide on how to set up and configure 2FA on your mobile
SMS.
1. Choose a 2FA method: Decide which 2FA method you prefer to use:
Authenticator app, or Security key. Each method has its own advantages and
disadvantages.
2. Enable 2FA for your online accounts: Go to the security settings of each online
2FA.
account you want to protect with 2FA and look for the option to enable
Follow the instructions provided by the specific service to set up your chosen Zih
method.
number
3. Set up SMS 2FA: If you choose SMS 2FA, provide your mobile phone
loginto
when prompted. You will receive a code via SMS whenever you try to
your account on a new device or after a certain period of inactivity.
download
4. Set up Authernticator App 2FA: If you choose authenticator app 2FA,
include-
and install an authenticator app on your mobile phone. Popular options
Codeor
Google Authenticator, Microsoft Authenticator, and Authy. Scan the QR The

enter the secret key provided by the online service into the authenticator apP
app will generate a code every time you log in to your account.
key security
5. Set up Security key 2FA: If you choose security key 2FA, purchase a insertthe
and register it with your online accounts. You will need to physically
 Page | 3.7
Digital Devices Security,Tools &Technologies for Cyber Security
security key into your mobile device or computer when prompted to complete the
login process.
accounts, test it by
6. Test your 2FA setup: Once you have set up 2FA for your online
period of inactivity.
trying to log in to your accounts on a new device or after a
verification code or use the
Make sure you can successfully receive and enter the
security key to complete the login process.
that you can use
7. Save Backup codes: Many online services provide backup codes
Keep these backup
tolog in if you lose access to your phone or authenticator app.
codes in a safe place and make sure they are only accessible toyou.
mobile phone with a strong
8. Keep your mobile phone secure: Protect your
if your phone
password, PIN, or fingerprint authentication. This ensures that even
access your 2FA codes
is lost or stolen, unauthorized individuals willnot be able to
or authenticator app.
periodically and
9. Update your 2FA settings regularly: Review your 2FA settings
make sure they are still up-to-date and reflect your current
security needs.
Consider updating your backup codes if you have lost access to your previous
ones.

By following these steps and implementing strong security practices, you can
significantly enhance the security of your online accounts and protect them from
unauthorized access.

3.4 SECURITY PATCH MANAGEMENT AND UPDATES IN

COMPUTERS AND MOBILES
Security patch management is a crucial aspect of cybersecurity, ensuring that software
and operating systems are up-to-date with the latest security patches to protect against
vulnerabilities and cyberattacks. Maintaining up-to- date security patches on both computers
and mobile devices is essential for safeguarding your personal information and preventing
unauthorizedaccess.
Security patches are released by software vendors to fix vulnerabilities in their products.
These vulnerabilities can be exploited by attackers to gain unauthorized access to systems,
 Technologies
Page | 3.10 Digital Devices Security, Tools & for Cyber
3.4.3 Manage Security Patches for
Computers and Mobiles Secuth
mobiles is crucial for
Managing security patches for computers and
devices and data from cyberattacks. safeguarding youy
Here are the steps on how to manage security patches for computers and mobiles:

1. Enable Automatic updates: Most operating systems, such as Microsoft

Apple macOS, Android and i0S have a built-in feature
that will

for and install security patches. This is the easiest way to keep
autyouromaticallyWindcoheucsk,
computer or
mobile up to date.
2. Use a Centralized patch management tool: lIf you have a large number d
computers or mobiles, you may want to use a centralized patch mangement ts
Thiswill allow you to manage patches from a single location and make sure that all
of yourcomputers or mobiles are up to date.
3. Manually install security patches: If you are not comfortable with automatit
updates or if you need to install a patch immediately, you can manually install
security patches. To do this, you will need to download the patch from the
software vendor's website and then install it on your computer or mobile.
In addition to the steps above, you should also make
sure to:
C
Keep your software up to date: Software vendors often release security
patches
fix vulnerabilities in their software. Make sure that you are always running thelatest
version of your software to minimize the risk of
being attacked.
Use strong passwords: Strong passwords are important for protecting your accounts
from unauthorized access. Make sure that your passwords are at least 8characters
long andinclude a mix of
upper and lowercase letters, numbers, and symbols.
Be careful about what you click on: Phishing e-mails and websites are a common
way for attackers to trick people into revealing their personal information 0
installing malware on their computers. Be careful about what you click onandonly
open e-mails
and attachments from
people you
By following these steps, you can help to protecttrust.
your computers and mobilesfront
cyberattacks.
 Page | 3.11
Devices Security, Tools &: Technologies for Cyber Security
Digital

MANAGING APPLICATION PERMISSIONSIN MOBILE

3.5PHONE
application permissions on your mobile phone is an important step in
Managing certain
privacy and security. Every APP you download requests access to
protect1ng your
as your contacts, location, camera, and microphone. It's important to
issions, such
reviewthese permissions carefully before granting them.

Permissions
3.5.1Types of APP
request various permissions to function properly, such as accessing your
Mobile apps
permissions are essential for the app's
While some
contacts, location, camera, or storage.
concerns.
core functionality, others may raise privacy
include:
Some of the common APP permissions
for
Allows apps to track your location data, which can be used
Location Access:
location-based advertising.
navigation services,weather updates, or
the ability to capture photos and videos, which is
Camera Access: Grants apps
experiences.
sharing, or augmented reality
necessary for cameraapps, social media
voice
Enables apps to record audio, essential for voice calls,
Microphone Access:
assistants,or audio recording apps.
device,
apps to read, write, or modify data stored on your
Dtorage Access: Allows managing media.
data, downloading files, or
Oten required for storing app contact list, which can be
permission to access your
Contacts Access: Grants aPps identification.
apps,or caller ID
used for social networking, messaging
send SMS messages,
make and manage phone calls,
Phone Access: Allows apps to apps or call management
tools.
reguired for communication
dccess call logs, often device, such as the
sensSors on your
to access variOus
Sensors Access: Enables apps
sensor, which can be used
for fitness tracking, gaming,
proximity
accelerometer, or
Or motion-based features.
 3.5.2
" " To
sGrant app.
Review manage
the to Choose Locate Open
Managing
for Settings:
Apps:
or
Permissions: App: app
h Deny
permissions
Select Find APP
. ACcess
ions:
the
the Permissions
Tap
app"Apps" the on
on Settings your
you
Permissions"
oggle or
want
"Applications" mobile
app
the to
manage on
phone:
sion your
to
view
permissionssectionmobile

ches the
list device.
in
the
of tor.
to
permissions Settings
nable
menu.
or
granteu Securnty
disable
 Step system: protecting
Here's Installing
3.6.1
1.
meetsChoose 1: Installation
a
Downloadstep-by-stepyourself
yOur and
antivirus
from
configuring
security
the viruses, and
guide
software Configuration
[Link]
malware,
toantivirus
Popular that installing

is
Software and
software
options
compatible and other
of
configuring Computer
include- online on
with your
threats.
Norton your antivirus computer
Antivirus
operating
360,
software is
Bitdefender
essential
system
on
your
Total and for
Page | 3.14 Digital Devices Security, Tools & Technologies for

Security, McAfee Total Protection, Kaspersky Internet Security, and

cyber Security
Premium.

2. Download the antivirus software from the official website of the vendor.
Malwarebytes
todownload the full installation file and not just the trial version. Make sure
Step 2: Install the Antivirus Software
1. Once the antivirus software has downloaded, double-click the
start the installation process.
installation file to
2. Follow the on-screen instructions to complete the installation process. This
involve accepting the license agreement, selecting the installation may
creating an account with the antivirus software vendor.
options, and

3. Once the installation is complete, the antivirus software will start automaticallu
and begin scanning your computer for any existing threats.
Step 3: Configure Antivirus Settings
1. Open the antivirus software's main dashboard or settings menu. This can usually
be accessed from the system tray icon or through the Start menu.
2. Familiarize yourself with the various settings options available. These may incdude
real-time protection, scanning schedules, exclusion lists, and notifications.
3. Configure the settings according to your preferences. For example, you can set up
regular scans, exclude certain files or folders from scanning, and adjust the level of
notifications you receive.
4. Make sure real-time protection is enabled tocontinuously monitor your system for
incoming threats.

Step 4: Scan Your Computer

to
1. Once the antivirus software is configured, run a full scan of your Computer
detect any existing malware.

Step 5: Update Antivirus Software Regularly

thelatest
1. Antivirus software updates are crucial for maintaining protection against
threats. Most antivirus software programs have an automatic update featu
 Digltal Devices Security, Tools &
Technologies for Cyber Security Page | 3.15
[Link] for updates regularly to ensure you
have the latest protection. Some
programs may notify you when updates are available.
a Install updates promptly to
maintain optimal security.
z W-FI SECURITY
MOBILE MANAGEMENT IN COMPUTER AND
atmoless networks, commonly known as Wi-Fi, have
become an indispensable part of
Jaily lives. They proVIde convenient access to the
internet and allow us to connect
ious devices, from laptops and smartphones to smart home
:s onvenience comes the responsibility of
appliances. However, with
ensuring that our Wi-Fi networks are secure
andprotected from potential threats.,

Why is Wi-FiSecurity Important?

Unsecured Wi-Fi networks can be easily exploited by malicious actors, leading to
various security risks:
" Unauthorized Access: Hackers can gain access toyour network, potentially stealing
sensitive data or installing malware on your devices.
Data Interception: Your personal information, such as browsing history, emails, and
financial data, can be intercepted and compromised.
Malware Distribution: Malicious software can be spread through your network,
infecting other connected devices.
Network Disruptions: Hackers can disrupt your network connectivity, causing
inconvenience and productivity loss.

3.7.1 W-Fi Security Management

computer and mobile devices from
Managing Wi-Fi Security is crucial to protect your
general guidelines for Wi-Fi
naut horized
access andpotential security threats.
seOurity anagement on both computers and mobile devi
Here are
devices:
 Digital Devices Security, Tools &
Page | 3.16
Technologies for
StrongWi-Fi PassWord
8characters long and
Use a strong password that is at least includes a
of uppercase and lowercase letters, numbers, and
Avoid using common words, phrases, or personal
symbols.

information in
combinat n
password. your Wifi
Change your Wi-Fi password regularly, every 3to 6 months. to
unauthorized access. minimize the isk o
WPA2 or WPA3Encryption
Ensure your Wi-Fi network is using WPA2or WPAS encryption,which are h
secure encryption protocols available for Wi-Fi networks.
Avoid using outdated encryption protocols like WEP, which are vulnerabl
to
security breaches.

Avoid usingpublic Wi-Fi for sensitive activities

Public Wi-Fi networks are often less secure than private networks.
Avoid accessing
sensitive information, such as online banking or email, while connected to public
Wi-Fi.

Use aVPN
A VPN (Virtual Private Network)
encrypts your internet traffic, makng it more
difficult for attackers to intercept and steal your data. Consider using a VPN when
connecting to public Wi-Fior when accessing sensitive information online.
Monitor Network Activity
Keep an eye on your network activity to identifv any
traffic patterns. This can help you detect
suspicious devices o malware
potential
infections. unauthorized access or

> Use
Antivirus and Anti-malware Software
Install and maintain antivirus and yourcomputer
mobile devices. anti-malware software on