You are on page 1of 142

HC VIN CNG NGH BU CHNH VIN THNG

AN NINH MNG
(Dng cho sinh vin h o to i hc t xa) Lu hnh ni b

2008

HC VIN CNG NGH BU CHNH VIN THNG

AN NINH MNG
Bin son : HUNH THANH HA

Tng quan v an ton bo mt.


An ton h thng thng tin l g ? Mc tiu bo v h thng thng tin. Cc yu cu an ton bo mt h thng thng tin : c 4 yu cu chnh

m bo tnh tin cy(Confidentiality): Thng tin khng th b truy nhp tri php bi nhng ngi khng c thm quyn. m bo tnh nguyn vn(Integrity): Thng tin khng th b sa i, b lm gi bi nhng ngi khng c thm quyn.

m bo tnh sn sng(Availability): Thng tin lun sn sng p ng s dng cho ngi c thm quyn m bo tnh khng th t chi (Nonrepudiation): Thng tin c cam kt v mt php lut ca ngi cung cp.

Cc nguyn tc c bn khi thit k cc gii php bo v h thng thng tin. Cc bc xy dng "chng trnh bo v thng tin" : c 6 bc

Xy dng chnh sch an ton thng tin (Policy). Phn tch ri ro trong h thng thng tin (Risk Analysis). Xy dng cc bin php phng chng (Prevention). Xy dng cc bin php pht hin (Detection). Xy dng cc bin php p ng - phn ng (Response). Xy dng "vn ho" cnh gic (Vigilance).

Xy dng chnh sch an ton thng tin

B chnh sch ATTT nhm xc nh: Confidentiality (Tnh bo mt), Integrity (Tnh ton vn), Availability (Tnh sn sng).

V d: mt chnh sch ATTT

Phn tch - nh gi ri ro

Cc mi e do (Threats). Cc im yu (Vulnerabilites). Cc ri ro (Risk).

Hin trng an ton bo mt.

Nhn thc v u t cho Security.

Mc tiu v ngun gc ca tn cng

Thit hi.

Tnh trung bnh s tin thit hi ca cc t chc, doanh nghip v cc dch v c thng k trong bng di y:

Tng s tin thit hi hng nm ca cc t chc doanh nghip c thng k trong bng sau:

Cc kiu tn cng v thit hi


Denial of Service Virus Unauthorized insider access

Cc cng ngh c la chn


Bc tng la (Firewall) Phng chng virus Bo v vt l h thng pht hin xm nhp (IDS).

* M Hnh Bo Mt

THANKS

TIU CHUN AN TON MNG

An ton thng tin l cc bin php nhm m bo tnh b mt (confidentiality), tnh ton vn (integrity) v tnh sn sng (availability) ca thng tin. ISO 17799: Mc tiu ca BS7799 / ISO 17799 l to nn mng cho s pht trin cc tiu chun v ATTT v cc bin php qun l ATTT hiu qu trong mt t chc , ng thi to ra s tin cy trong cc giao dch lin t chc

ISO 17799 nhm thit lp h thng qun l bo mt thng tin, gm cc bc nh sau: a) Xc nh phm vi v ranh gii ca h thng ISMS ph hp vi c im ca hot ng kinh doanh, vic t chc, v tr a l, ti sn v cng ngh, v bao gm cc chi tit ca chng v cc minh chng cho cc loi tr trong phm vi p dng.

b) Xc nh mt chnh sch ca h thng bo mt ph hp vi c im ca hot ng kinh doanh, vic t chc, v tr a l, ti sn v cng ngh m: 1) Bao gm c cu cho vic thit lp cc mc tiu v xy dng thc chung trong nh hng v cc nguyn tc hnh ng v bo mt thng tin.

2) Quan tm n cc hot ng kinh doanh v cc yu cu ca lut hoc php l, v cc bn phn bo mt tha thun. 3) Sp xp thc hin vic thit lp v duy tr h thng ISMS trong chin lc ca t chc v vic qun l cc ri ro. 4) Thit lp tiu chun nh gi cc ri ro 5) c duyt bi lnh o

c) Xc nh cch thc nh gi ri ro ca t chc 1) Xc nh phng php nh gi ri ro ph hp vi h thng mng, v nhng thng tin ca hot ng kinh doanh xc nh, cc yu cu ca lut v php ch 2) Xy dng tiu chun chp nhn cc ri ro v xc nh cc mc chp nhn

d) Xc nh cc ri ro
1) Xc nh cc ti sn thuc phm vi ca h thng mng v cc ch nhn ca nhng ti sn ny 2) Xc nh cc ri ro cho cc ti sn 3) Xc nh cc yu im m c th b khai thc hoc li dng bi cc mi e da 4) Xc nh cc nh hng hoc tc ng lm mt tnh b mt, ton vn v sn c m c th c cc ti sn ny

e) Phn tch v nh gi cc ri ro 1) nh gi cc tc ng nh hng n hot ng ca t chc c th c do li bo mt, Quan tm xem xt cc hu qu ca vic mt tnh bo mt, ton vn hoc sn c ca cc ti sn 2) nh gi kh nng thc t c th xy ra cc li bo mt do khinh sut cc mi e da v yu im ph bin hoc thng gp,

v do cc nh hng lin quan n cc ti sn ny, v do vic p dng cc bin php kim sot hin hnh. 3) c lng cc mc ri ro 4) nh r xem coi cc ri ro c th chp nhn c hay cn thit phi c x l bng cch s dng cc tiu chun chp nhn ri ro c lp trong mc c2

f) Xc nh v nh gi cc phng n x l cc ri ro 1) p dng cc bin php kim sot thch hp 2) Ch tm v mt cch khch quan chp nhn cc ri ro, vi iu kin chng tha mn mt cch r rng cc chnh sch ca t chc v cc chun mc chp nhn ri ro.

3) Trnh cc ri ro 4) Chuyn cc cng vic ri ro lin i cho cc t chc/c nhn khc nh nh bo him, nh cung cp

g) Chn cc mc tiu kim sot v cc bin php kim sot x l cc ri ro h) Thng qua lnh o cc sut v cc ri ro cn li sau x l i) c php ca lnh o p dng v vn hnh h thng qun l bo mt thng tin

j) Chun b bn tuyn b p dng 1) Cc mc tiu kim sot v cc bin php kim sot c v cc l do chn chng 2) Cc mc tiu kim sot v cc bin php kim sot hin ang c p dng 3) Cc ngoi l ca bt k cc mc tiu kim sot v cc bin php kim sot v minh chng cho chng.

p dng v vn hnh h thng mng theo ISO 17799 gm cc bc nh sau: a) Trnh by mt k hoch x l ri ro r rng xc nh s ph hp ca cc hnh ng ca lnh o, cc ngun lc, trch nhim v u tin ca vic qun l cc ri ro bo mt thng tin

b) p dng k hoch x l ri ro m t c cc mc tiu kim sot xc nh, trong bao gm vic xem xt chi ph (funding) v s phn cng vai tr v trch nhim c) p dng cc bin php kim sot c la chn nhm t c cc mc tiu kim sot

d) Xc nh cch thc o lng hiu qu ca cc bin php kim sot chn hoc nhm cc kim sot v xc nh cch thc s dng cc cch o ny kim sot nh gi mt cch hiu qu cho ra cc kt qu c th so snh v ti thc nghim

e) o to p dng v cc chng trnh nhn thc f) Qun l hot ng ca h thng mng g) Qun l ngun lc cho h thng mng h) p dng cc th tc quy trnh v cc bin php kim sot c th khc kch hot vic pht hin kp thi cc s kin bo mt v i ph vi cc s c bo mt

Gim st v ti xem xt h thng mng theo ISO 17799, gm cc bc sau: a) Thc hin gim st v xem xt cc th tc v cc bin php kim sot khc : 1) Pht hin kp thi sai li ngay trong cc kt qu ca qu trnh x l 2) Nhn bit kp thi vic th nghim v t nhp thnh cng cc l hng v s c bo mt

3) cho lnh o xc nh c hot ng bo mt y thc cho ngi hay vn dng cng ngh thng tin ang hot ng c t nh mong i khng 4) Gip cho vic pht hin s kin bo mt v ngn nga s c bo mt bng vic s dng cc ch s 5) Xc nh cc hnh ng gii quyt l hng bo mt c hiu qu khng

b) Thc hin vic xem xt nh k hiu qu ca h thng ISMS (Bao gm vic t c chnh sch bo mt v cc mc tiu, v xem xt cc bin php kim sot bo mt) quan tm n cc kt qu ca vic nh gi bo mt, cc s c, cc kt qu o lng hiu qu, cc kin ngh v phn hi t cc bn quan tm. c) o lng hiu qu ca cc bin php kim sot xc minh l cc yu cu bo mt c tha mn.

d) Xem xt cc vic nh gi ri ro cc giai on hoch nh v xem xt cc ri ro cn li v cc mc chp nhn ri ro xc nh, quan tm n cc thay i n 1) C cu t chc 2) Cng ngh 3) Mc tiu kinh doanh v cc qu trnh

4) Cc mi e da xc nh 5) Hiu qu ca vic p dng cc kim sot 6) Cc s kin bn ngoi, nh l lut hay mi trng php l thay i, cc bn phn tha thun thay i, v hon cnh x hi thay i.

e) Thc hin nh gi ni b h thng ISMS theo chu k hoch nh f) Thc hin vic xem xt lnh o cho h thng mng mt cch nh k nhm m bo phm vi p dng vn cn y v cc ci tin trong qu trnh ca h thng mng c nhn bit

g) Cp nht cc k hoch bo mt nhm quan tm cc pht hin ca hot ng gim st v xem xt h) H s ca cc hnh ng v s kin m c th nh hng n hiu qu hoc nng lc ca h thng mng

Duy tr v ci tin h thng mng theo ISO 17799, gm cc bc sau: a) p dng cc ci tin nhn bit trong h thng mng b) Thc hin cc hnh ng khc phc v phng nga . p dng cc bi hc kinh nghim t cc s c bo mt ca cc t chc khc v ca chnh t chc

c) Trao i cc hnh ng v cc ci tin cho tt c cc bn quan tm vi mc chi tit ph hp vi hon cnh v, khi thch hp, thng nht cch thc thc hin. d) m bo rng cc ci tin t c mc tiu mong mun cho chng

Vi v d v ri ro mt an ton thng tin : B Virus xm nhp: hng d liu, ngng h thng, B Trojan, Spyware: n cp thng tin, ci t cng hu, B nh cp mt khu: dn n b gi mo truy nhp thng tin B Hacker (Tin tc) xm nhp qua mng: ph hoi h thng, ly cp hay sa i thng tin,

B nghe trm (sniffer) thng tin khi truyn qua mng: l b mt kinh doanh (gi b thu, gi mua hng), b sa sai lch thng tin, B thng tin gi mo gi n, dn n nhng quyt nh sai gy thit hi nghim trng (vi phm tnh chng t chi): PHISHING, B sa i trang Web, gy mt uy tn vi KH, bn hng,

B ngi dng bn trong lm l thng tin cho i th, (information leakage) B ngi dng bn trong ph hoi, B l hng, back-door (v tnh hay c ) trong cc ng dng thu cng ty bn ngoi pht trin . B tn cng t chi dch v: gy ngng tr h thng (mt tnh sn sng)

THANKS

MNG RING O
nh ngha Phn loi mng ring o : Remote-Access VPN Intranet-based VPN Extranet-based VPN

Li ch ca mng ring o M rng vng a l c th kt ni c Tng cng bo mt cho h thng mng Gim chi ph vn hnh so vi mng WAN truyn thng Gim thi gian v chi ph truyn d liu n ngi dng xa

VPN (Client to Gateway)

My 1 : (card Cross) a ch IP : 172.16.1.2 Subnet Mask : 255.255.0.0 Default Gateway : 172.16.1.1

My 2 : Card Cross a ch IP : 172.16.1.1 Subnet Mask : 255.255.0.0 Card Lan a ch IP : 192.168.1.1 Subnet Mask : 255.255.255.0

My 3 : (card Lan) a ch IP : 192.168.1.2 Subnet Mask : 255.255.255.0

My 2 : B1: Start Programs Administrative Tools Routing and Remote Access ti ca s Routing and Remote Access click chut phi ln my 2 , chn Configuration and Enable Routing and Remote Access ti ca s Welcome to the Routing and Remote Access Server setup wizard, chn Next

ti ca s Configuration , nh du chn Remote Access (Dial-up or VPN) Next ti ca s Remote Access , nh du chn vo VPN Next ti ca s VPN Connection, chn card Lan , b du chn ti Enable security on the selected interface by setting up static packet filters Next

ti ca s IP Address Assignment, chn From a specified range of addresses ti ca s Address Range Assignment, chn New ti ca s New Address Range g vo dy IP nh sau : Start IP address : 172.16.1.200 End IP address : 172.16.1.220

ti ca s Managing Multiple Remote Access Servers, nh du chn No, use Routing and Remote Access to authenticate connection requests Next Finish.

B2 : ng cc ca s vo Start Administrative Tools Computer Management to user (user name : h1 ; password : hoa1) v b du chn ti User must change password at next log on click chut phi trn user h1 Properities vo tab Dialin, trong Remote Access Permission

(Dial-in or VPN) , nh du chn Allow Access OK

My 3: B1 : Click chut phi trn My Network Places Properties, chn Create a new connection ti ca s Welcome to the New Connection Wizzard, chn Next ti ca s Network Connection Type, nh du chn Connect to the network at my workplace Next

ti ca s Network Connection nh du chn Virtual Private Network connection Next ti ca s Connection Name , ti Company Name g vo VPIT Next ti ca s VPN Server Selection , g a ch IP card Lan ca my 2 (192.168.1.1) vo Host name or IP address Next

ti ca s Connection Availability, nh du chn My use only Next Finish ti ca s Connect VPIT g username : h1 ; password : hoa1 connect sau khi connect thnh cng chng ta c th ping gia 2 my 1 v my 3

VPN (Gateway to Gateway)

Chun b :

My 1 : (card Cross) a ch IP : 172.16.1.2 Subnet Mask : 255.255.0.0 Default Gateway : 172.16.1.1

My 2 : Card Cross a ch IP : 172.16.1.1 Subnet Mask : 255.255.0.0 Card Lan a ch IP : 192.168.1.2 Subnet Mask : 255.255.255.0

My 3 : Card Cross a ch IP : 172.16.2.1 Subnet Mask : 255.255.0.0 Card Lan a ch IP : 192.168.1.3 Subnet Mask : 255.255.255.0

My 4 : (card Cross) a ch IP : 172.16.2.2 Subnet Mask : 255.255.0.0 Default Gateway : 172.16.2.1

My 2 : B1 : ng cc ca s vo Start Administrative Tools Computer Management to user (user name : hanoi ; password : hanoi) v b du chn ti User must change password at next log on click chut phi trn user hanoi Properities vo tab Dial-in, trong Remote Access Permission

(Dial-in or VPN) , nh du chn Allow Access OK B2 : Start Programs Administrative Tools Routing and Remote Access ti ca s Routing and Remote Access click chut phi ln my 2 , chn Configuration and Enable Routing and Remote Access ti ca s Welcome to the Routing and Remote Access Server setup wizard, chn Next

ti ca s Configuration , nh du chn Custom configuration Next ti ca s Custom Configuration, nh du chn nhng sau : VPN access ; Demain-dial connections (user for branch office routing) ; LAN routing Next Finish (chn Yes khi h thng yu cu restart service)

Trong ca s Routing and Remote

Access , click chut phi trn Network Interfaces , chn New Demand-dial Interface Ti ca s
Welcome chn Next ti ca s Interface Name , g hanoi vo Interface name Next

Ti ca s Connection Type , nh du chn Connect using virtual private network (VPN) Next ti ca s VPN Type Chn Point to Point Tunneling Protocol (PPTP) Next ti ca s Destination Address , g a ch IP card Lan ca my 3 (192.168.1.3) vo host name or IP address ti ca s Protocol and

Security , nguyn la chn mc nh (Route IP Packets on this interface) Next ti ca s Static Routes for Remote Networks , chn Add ti ca s Static Route , cu hnh nh sau :

Destination : 172.16.2.0 Network Mask : 255.255.255.0 Metric : 1

OK Next ti ca s Dial out Credentials nhp vo nhng thng tin sau :

User name : saigon Domain : Password : saigon Confirm password : saigon

Next Finish.

B3 : Ti ca s Routing and Remote Access , click chut phi ln my 2 , chn Properities chn tab IP Chn Static address pool Add Ti ca s New Address Range , g vo dy s IP sau : Start IP address : 172.16.1.200 End IP address : 172.16.1.220

OK OK ti ca s Routing and Remote Access , click chut phi ln my 2 All Task Restart

My 3 : B1 : ng cc ca s vo Start Administrative Tools Computer Management to user (user name : saigon ; password : saigon) v b du chn ti User must change password at next log on click chut phi trn user hanoi Properities vo tab Dial-in, trong Remote Access Permission

(Dial-in or VPN) , nh du chn Allow Access OK B2 : Start Programs Administrative Tools Routing and Remote Access ti ca s Routing and Remote Access click chut phi ln my 3 , chn Configuration and Enable Routing and Remote Access ti ca s Welcome to the Routing and Remote Access Server setup wizard, chn Next

ti ca s Configuration , nh du chn Custom configuration Next ti ca s Custom Configuration, nh du chn nhng sau : VPN access ; Demain-dial connections (user for branch office routing) ; LAN routing Next Finish (chn Yes khi h thng yu cu restart service)

Trong ca s Routing and Remote

Access , click chut phi trn Network Interfaces , chn New Demand-dial Interface Ti ca s
Welcome chn Next ti ca s Interface Name , g saigon vo Interface name Next

Ti ca s Connection Type , nh du chn Connect using virtual private network (VPN) Next ti ca s VPN Type Chn Point to Point Tunneling Protocol (PPTP) Next ti ca s Destination Address , g a ch IP card Lan ca my 2 (192.168.1.2) vo host name or IP address ti ca s Protocol and

Security , nguyn la chn mc nh (Route IP Packets on this interface) Next ti ca s Static Routes for Remote Networks , chn Add ti ca s Static Route , cu hnh nh sau :

Destination : 172.16.1.0 Network Mask : 255.255.255.0 Metric : 1

OK Next ti ca s Dial out Credentials nhp vo nhng thng tin sau :

User name : hanoi Domain : Password : hanoi Confirm password : hanoi

Next Finish

B3 : Ti ca s Routing and Remote Access , click chut phi ln my 2 , chn Properities chn tab IP Chn Static address pool Add Ti ca s New Address Range , g vo dy s IP sau : Start IP address : 172.16.2.200 End IP address : 172.16.2.220

OK OK ti ca s Routing and Remote Access , click chut phi ln my 3 All Task Restart. Sau kim tra bng lnh ping 172.16.1.2 hoc ping 172.16.2.2 , gia 2 my : my 1 v my 4.

THANKS

Tng la (Firewall)

Tng la l g? L mt hng ro gia hai mng my tnh - n bo v mng ny trnh khi s xm nhp t mng khc

Cc th h tng la Tng la lc gi tin : cng ngh tng

la th h u tin phn tch lu lng mng tng vn chuyn (transport protocol layer) .

Tng la mc giao vn (circuit level firewall) : cng ngh tng la th h th 2


cho php xc nh mt gi tin c th l mt yu cu kt ni, mt gi d liu thuc mt kt ni hoc l mt mch o (virtual circuit) tng giao vn gia 2 my

Tng la mc ng dng : cng ngh tng la th h th 3, n kim tra tnh ng n d liu thuc tng ng dng trong cc gi tin trc khi cho php kt ni. Ngoi ra, n cn kim tra tnh hp l ca cc thng s bo mt khc ch c tng ng dng nh l mt khu ngi dng v cc yu cu dch v.

Tng la lc gi tin ng : cng ngh tng la th h th t. N rt hu ch i vi giao thc UDP.

So snh gia tc v hiu qu bo mt : Cc tng la lc gi tin ni chung c tc nhanh nht sau l tng la mc giao vn, tng la lc gi tin ng v tng la mc ng dng Mc kim tra bo mt ni chung li theo hng ngc li, gi tin cng qua nhiu tng th n cng phi c kim tra chi tit hn

So snh tng la ca cc hng ni ting Check Point, NetScreen v Cisco

Kh nng ngn chn tn cng (Attack Prevention Capabilities)

Kh nng h tr cc ng dng/giao thc

M HA

M ha : lm cho d liu khng th c c khi b ly trm. Cc phng php m ha: M ha i xng: dng cng mt key cho m ha v gii m

M ha pulic key :

Message Authentication Code :

Ch k in t (Digital signature) :

VIRUS

Virus trn my tnh l mt chng trnh nh lm thay i hot ng ca my tnh ngoi s kim sot ca ngi s dng . Cc loi Virus : Virus trn files : Cc Virus loi file thng ly vo cc tp chng trnh nh cc tp .com v .exe

Virus trn Boot sector : Virus c th ly nhim vo cc Boot sector ca a cng hoc a mm ni cha cc chng trnh khi ng. Virus trn Master Boot Record : V c bn dng virus ny cng nh Virus trn Boostector nhng ni ly nhim l master boot record

Macro virus : y l loi virus ly trn cc tp d liu. Cc on m code ca Virus trn cc m Visual Basic trong cc tp Exel, MS word, MS Access, MS Poiwer point c th gy ly nhim Virus ti cc tp d liu hoc tp chng trnh khc. Do vic xy dng mt on chng trnh macro

Virus hoax : L cc th in t (E-mail) c cha cc on chng trnh khi m cc th ny cc virus s ly vo my tnh ca ngi s dng v s thc hin cc chc nng khng kim sot c nh ly trm a ch, gi cc th c cc files thng tin trn my tnh ca ngi s dng thm ch xo cc cc thng tin trn a ca my tnh,

Virus Con nga thnh T-roa : y l loi virus kh nguy him lm thay i s liu, ly cp cc thng tin trn my tnh n thng c dng mt file c gi km theo e-mail. Virus hn hp : loi virus c tt c cc tnh nng ly nhim v ph hoi trn c cc tp, hay boot record. y l loi virus trn cc kh dit do hot ng ng thi trn nhiu loi mi trng.

Cc k thut s dng trong virus : Thng tr n thn (Stealth) Bin hnh (Polymorphic)

Cc ng thm nhp virus vo h thng my tnh : Qua ngi s dng my tnh Qua h thng th in t (E-mail) Qua cc dch v Internet

ANTI-VIRUS

H thng phng chng Virus s tin hnh theo m hnh hai lp: Chng Virus v phng Virus Phng virus : ngn chn s thm nhp ca Virus qua cc ng ly nhim nu trn nh qua lin kt Internet, mail.. Chng virus : Cp nht v ci t cc phn mm chng Virus mi nht

Cc quy trnh bo v my tnh : ng k : My tnh c ng k s c nhm chng Virus my tnh a vo danh sch qun l Ci t phn mm chng virus Phng chng Virus my tnh nh k Dit Virus my tnh trong cc trung hp bt thng

Chng Virus my tnh thm nhp qua cng Internet : cho my ch dit Virus my tnh ti cng Internet . Chng Virus my tnh thm nhp qua th in t : cho my ch dit Virus my tnh ti cc mail server

THANKS

BACKUP DATA

B 1: Khi ng my vo log on Admin , vo th mc C: to th mc (Dulieu) v cc file h1.txt , h2.txt ; sau vo D: to th mc Backup B2: Start Programs Accessories Systems Tools Backup ti ca s Welcome b du chn Always start in wizard mode Click chn Advance Mode ti ca s Backup Utility chn tab Backup click vo du + ti C: v nh du chn vo Dulieu

ti ca s Backup media or file name chn tab Browse ch ng dn ti D:\Backup v lu file backup vi tn (bk1.bkf). Sau chn Start Backup ti ca s Backup Job Information chn Start Backup. Sau khi Backup Progress xong Vo D:\Backup kim tra xem c file bk1.bkf cha ?

B3 : vo C:\Dulieu , click nt phi chut trn h1.txt Properities tab General chn Advance b du chn File is ready for archiving B4 : M file h1.txt nhp thm vo ni dung v lu li click chut phi trn h1.txt Properities tab General chn Advanced b du chn File is ready for archiving

B5 : M chng trnh Backup, ti ca s Backup Utility chn tab Backup Click du + ti C: v nh du chn vo d liu ti mc Backup media or file name g D:\Backup\dif.bkf chn Start Backup ti ca s Backup Job Information chn Advance ti ca s Advanced Backup Options , ti mc Backup Type chn Differential OK Start Backup

B6 : ti ca s Backup Utility chn tab Restore and Manage Media v click du + ti mc dif.bkf Click du + ti C: v chn Dulieu (ch c h1.txt c backup). Sau ng cc ca s , k tip vo th mc C:\Dulieu Click chut phi trn h1.txt Properities tab General Advanced (nh du chn mc File is ready for archiving

B7 : M file h2.txt nhp thm ni dung v save li Click chut phi trn h2.txt Properities tab General Advanced (nh du chn mc File is ready for archiving B8: M chng trnh Backup chn tab Backup , sau click du + ti C: , nh du chn vo Dulieu, ti mc Backup media or file name g D:\Backup\inc.bkf , sau chn Start Backup

B9: ti ca s Backup Job Information chn Advanced ti ca s Advanced Backup Options , click vo mc Backup Type v chn Incremental OK Start Backup. B10: ti ca s Backup Utility chn tab Restore and Manage Media , click du + ti mc inc.bkf, k tip click du + ti mc C:\Dulieu

n Control Panel

B1 : Vo Start Run MMC OK B2 : S xut hin mn hnh Console1, chn File Add/Remove Snap-in Add ti ca s Add Standalone Snap-in Group Policy Object Editor Add Finish. B3 : Ti mn hnh Console1, chn File Save as (ti ca s save in chn Destop v File name : Local Policy)

B4 : Vo Local Policy Local Computer Policy User Configuration Administrator Templates Control Panel B5 : Vo Prohibit access to the Control Panel Properties (nh du chn Enable , sau apply v OK) B6 : Vo Start Run cmd gpupdate /force

GHI NHN QU TRNH LOGON

B1 : Start Programs Administrative Tools Local Security Policy Local Policies Audit Policy Click chut phi ln Audit Account Logon Events Properties nh du chn Failure Apply OK cp nht policy (gpupdate \force)

B2 : Start Programs Administrative Tools Event viewer click chut phi ln Security chn Clear all events chn No.

IP SECURITY ( IPSEC)

Chn 2 my tnh : my tnh 1 c a ch IP : 192.168.1.1 v my tnh 2 c a ch IP : 192.168.1.2. B1 : Start Run g MMC ti ca s Consol chn Menu File Add/Remove Snap-in ti ca s Add/Remove Snap-in , ti mc Snap-in add to : Consol Root, sau chn Add

Ko thanh trt chn mc IP Security Policy Management chn Add ti ca s Select Computer or Domain , chn Local Computer Finish Close OK B2 : Ti ca s Consol1 click chut phi trn IP Security Policies on Local Computer chn Create IP Security Policy

ti ca s Welcome chn Next ti ca s IP Security Policy Name g IPSec bang Preshare Key vo name Next ti ca s Request for Secure Communication, b du chn ti mc Activate the default Next Finish ti ca s Test IP Sec Preshare Key Properties chn Add

ti ca s Welcome Next ti ca s Tunnel Endpoint chn This rule does not specify a tunnel Next ti ca s Network Type , chn Local area network LAN Next ti ca s IP Filter List, chn mc All IP Next ti ca s Filter Action , chn mc Require Security Next

trong ca s Authentication Method, chn mc Use this string to protect the key exchange, trong hp thoi g 123 Next Finish. B3 : Ti ca s Consol1, click chut phi ln IPSec bang Preshare Key Assign lu Consol1 ra mn hnh Desktop ng cc ca s ang c v cp nht Policy (gpupdate /force)

B4 : Start Progarms Administrative Tools Services click chut phi ln IPSEC Service, chn Restart. B5: M chng trnh Network Monitor chn Capture Start B6 : Start Run cmd ta dng lnh ping a ch IP gia 2 my tnh : ping 192.168.1.1 v ping 192.168.1.2

B7 : Quay li mn hnh Network Monitor

chn Capture chn Stop and View double click trn dng c Protocol l ESP chn mc ESP.

CI T NETWORK MONITOR TOOL

Chn 2 my tnh : my tnh 1 c a ch IP : 192.168.1.1 v my tnh 2 c a ch IP : 192.168.1.2. B1: Start Settings Control Panel Add/Remove Programs Add/Remove Windows Component chn mc Management and Monitoring Tools Details

nh du chn vo Network Monitor Tools OK Next. B2 : Start Administrative Tools Network Monitor ti ca s Microsoft Network Monitor, chn OK ti ca s Select a network, click du + mc Local Computer chn card LAN OK

B3 : Ti ca s Network Monitor chn Capture Start. (Ch nguyn mn hnh Network Monitor) B4 : Start Run g cmd ta dng lnh ping a ch IP gia 2 my tnh : ping 192.168.1.1 v ping 192.168.1.2. B5 : Quay li mn hnh Network Monitor chn Capture Stop and View double click trn dng c protocol l ICMP

RESTORE DATA

B1 : Xa th mc Dulieu B2: M chng trnh Backup chn Menu Tools Options tab Restore nh du chn vo mc Replace the file on disk only if the file on disk is older B3: ti ca s Backup Utility vo tab Restore and Manage Media click vao file bk1.bkf C: v nh du chn vo Dulieu Chn Start Restore ti ca s confirm restore chn OK.

B4: M chng trnh Backup vo tab Restore and Manage Media chn File dif.bkf C: v nh du chn vo Dulieu Start Restore ti ca s Confirm Restore click OK

THANKS

You might also like