Certified Secure Computer U

ser (CSCU) 
Bekerjasama
Dengan

Fakultas Ilmu Komputer

• Partnership : 23 September 2014
• Ditandatangani oleh : Rektor Universitas Mercu Buana dan Country Manager Ec Council
•  Ec Council adalah organisasi yang memberikan sertifikasi kepada tiap individu dalam
berbagai bidang e-business dan keahlian keamanan informasi. Pemilik dan pencipta dari
sertifikasi yang terkenal dan telah diakui di seluruh dunia, Certified Ethical Hacker (CEH).
TUJUAN PELATIHAN
1. Memberikan Pengetahuan dan keterampilan untuk melindungi aset
informasi mereka.
2. Memberikan pemahaman keamanan komputer dan jaringan
komputer dasar, seperti ancaman pencurian identitas, penipuan
kartu kredit, pemalsuan online banking, virus dan backdoors, email
palsu, hacking.
3. Memberikan pengertian bagaimana cara meminimalisir kebocoran
informasi-informasi pribadi tersebut.
 Materi CSCU
• Foundations of Security
• Securing Operating Systems
• Protecting Systems Using
Antiviruses
• Data Encryption
• Data Backup and Disaster
Recovery
• Internet Security
• Securing Network Connections
• Securing Online Transactions
• Securing Email Communications
• Social Engineering and Indentity
Theft
• Security on Social Networking
Sites
• Information Security and Legal
Compliance
• Securing Mobile Devices

Download di :
Ppt fasilkom.mercubuana.ac.id
Pdf  Aspen.eccouncil.org
 REGISTER  ASPEN.ECCOUNCIL.ORG
• Step 1 : Complete
the official
training.
• Step 2 : Visit:
https://aspen .ecco
uncil.org.
• Step 3 : Click Register and fill
out the registration form.
Click Register button.
• Step 4 : Using the email you
provided in step 3, follow the
instruction in the auto-
genereted email to activate
your EC-Council Aspen Portal
account.
Download Digital Copy of Class Certificate
of Attendance
• Login
• Click Class Eval icon in the Student
Services section.
• Enter the EEC (see the attached code
below) in the Evalution Code field nd
click Submit.
• Fill the Course Evalution Form. Note:
All fields on this form are mandatory.
Click Submit Classroom Evalution
button.
• In Course Evalution Submission page,
click the Download Certificate of
Attendance button to download your
certificate of attendance.
• Register for the exam. Please use your
exam voucher and EEC to register.
• Attempt the exam.
 Instructions for Downloading your
Electronic Courseware, Lab Manuals, and
• Login Tools.
• Once successfully logged in, click Academia icon under the
Learning Resources section. It will open Academia page.
• Enter the access code below in the Access Code field and
click Submit button.
• Access Code:XXXXXXXXXXXXX
• If your Access Code is valid, you will be able to view the e-
courseware and lab manuals in the Select Courseware
dropdown menu. Masukkan

Pilih Academia
Instructions for Exam

Klik Register
 Isi Data

Klik Continue

Klik Register
 Pilih Test

Pilih Yes
Hasil Ujian
SERTIFIKAT
Module 01 : Foundations of Security
Understand :
• What data is and the difference between data and information
• How often data is generated
• The importance of personal and organizational data
• Different threats to data
• What data security is and the risks associated with data compromise
• Elements of security
• The potential losses due to a data breach
• How to implement data security
Module 02 : Securing Operating Systems
• Lock a windows system when not in use
• Create and change a user account password for a windows system
• Disable the guest account of a windows system
• Lock out unwanted guests from a windows system
• Rename the administrator account of a windows system
• Disable jumb lists of a windows system
• Enable software updates in a windows system
• Enable the firewall in a windows system
• Add new apps in the firewall of a windows system
• Remove/disable app rules from the firewall of a windows system
• Create a new firewall rule in a windows system
• Turn on windows defender
• Enable bitlocker in a windows system
• Understand windows encrypting file system
• Decrypt a file using EFS in a Windows system
• Disable unnecessary services in a windows system
• Kill unwanted processes in a windows system
• Hide files and folders in a windows system
• Disable simple file sharing in a windows system
• Lock a mac system, when not in use
• Disable automatic login in a mac
• Allow app downloads from the Mac app store
• Enable automatic software updates in a Mac
• Disable the guest account in a Mac
• Enable FileVault in a mac
• Enable the Firewall in a Mac
• Change User account password in a Mac
• Enable and set parental Controls in a Mac
Module 3 : Malware and Antivirus
• Understand what malware is
• Identify the various types of Malware
• Identity the various symptoms of Malware Infections
• Understand what an antivirus is and how it works
• Understand how to choose the right antivirus software for you and
what its limitations are
• Configure and use Kaspersky and Avast antivirus software
• Test if your antivirus is working
Module 4 : Internet Security
• Understand :
• The basic security measures to implement when online
• The different threats web browsers pose and their countermeasures
• Configure web browsers in a secure manner
• The different threats posed by instant messaging apps and their
countermeasures
• The different risks children are exposed to when online
• Know about and use children friendly web browsers like KidZui
• Identify :
• A secure website
• If a child is a victim of online abuse and take corrective measures if so
Module 5 : Security on Social Networking
Sites
• Understand :
• The concept of virtual social networking
• What a profile is on a social networking site and the information it contains
• The risks associated with online social networking
• What geotagging is and the risks it poses
• Various risks of online social networking that minors are exposed to
• Configure :
• The security settings of Facebook and Twitter
Module 6 : Securing Email Communications
• Understands :
• The concept of an email
• Why email security is important
• The various threats associated with using email
• The various email security procedures
• Identify the different email client products and service providers
available
Module 7 : Securing Module Devices
Understand :
• The basics of mobile security and its importance
• The importance of an IMEI Number of a mobile phone
• The risks that a mobile device is exposed to
• What mobile malware is
• The threats that Bluetooth poses to a mobile device
• The various security procedure of an android device, an IOS device, and a
windows device
• Identify various mobile security tools
Module 8: Securing The Cloud
Understand :
• The various types of clouds available and the different services they offer
• The advantages of a cloud service
• The Different thereats posed to a cloud account and their countermeasures
• The different privacy issues related to a cloud account and how to address
them
• How to choose the correct cloud advisor as per your needs
Module 9 : Securing Network Connections
Understand :
• The different types of networks
• How to set up your home network
• How to set up wireless networks in Windows and Mac
• The Various threats to a wireless network and their countermeasures
• How to use a firewall, antivirus, and encryption to secure a wireless network
Module 10 : Data Backup and Disaster
Recovery
Understand :
• The Importance and need for data backups
• The reasons behind data loss incidents
• What files to back up and when
• The different types of data backups
• How to create backups and restore data from them in Windows and Mac
• The difference between data deletion and data destruction and the
importance of the latter
LATIHAN SOAL
What does a lock icon symbolize besides a website name?
a. The website needs a password to be accessed
b. The website cannot be accessed without the site admin’s
permission
c. The website is a secure website
d. The website is not accessible at the moment
Horace is a 64 year-old man who worked as an accountant for SN Associates before
his retirement. The company gifted him a laptop at the time of his retirement. Since
Horace was not a technically savvy person, he did not install any applications on his
laptop, and only used it for checking his email and playing poker online. After some
time, Horace’s laptop started giving him problems. It crashed frequently, often
displayed the Blue Screen of Death (BSOD), and unwanted windows kept popping
up whenever he went online. When Horace took his laptop to the service center, he
was told that his laptop was infected with malware.
Which software should Horace have installed to prevent malware infection in his
laptop?
a. Adobe Reader
b. Antivirus software
c. One Drive
d. Skype
Harold, an associate at AQ Corporation, received a phone call from a
person claiming to be Bob from the IT department. Bob told Harold that he
had noticed that Harold’s computer was running slow, and could help him
fix it. Harold, not having much knowledge regarding computers, readily
agreed. Following Bob’s instructions, Harold typed in some commands on
his computer, and gave remote access to Bob to have his computer fixed.
Later on, Harold noticed that confidential information concerning his
clients was missing from his computer.
Which attack was Harold a victim of?
a. War driver
b. Evil twin
c. Social engineering
d. Bluesnarfing
Ruth Cole is a sales manager and travels extensively on business. She
regularly updates and stores clients’ data on a remote data storage device
via the Internet, so that in case she loses her laptop or it crashes for some
reason, she does not lose the data which is essential to carrying out her
work.
Which type of data backup is Emma using to carry out her daily work?
a. Differential backup
b. Incremental backup
c. Online data backup
d. Full system backup
A new online service allows people living with roommates to feed in all
their house hold expenses in its ‘share calculator’ program. The program
then calculates how much each person is supposed to pay and sends a
detailed report to all those who are listed as roommates for that particular
transaction.
The above mentioned service is an example of which of the following?
a. Network as a Service
b. Software as a Service
c. Infrastructure as a Service
d. Platform as a Service
John is an 18 year-old college-going student. He loves to read books and listen to
music on his laptop. He regularly downloads e-books and music from the internet.
Lately, whenever John has been spending time on his laptop, the laptop begins
displaying the infamous Blue Screen of Death (BSOD). Upon taking his laptop to the
service center, John was told that his laptop was infected with malware.
Which symptom of malware infection is John’s laptop displaying?
a. Laptop screen malfunction
b. Hard drive malfunction
c. Unexpected crashes
d. Slow system
Which of the following is the strongest password?
a. Domike*
b. Donna1992
c. donnamike92
d. Pa#72tLe
Which of the following terms refers to the process of protecting
information, and the infrastructure that stores it?
a. Keystroke logging
b. Maintenance
c. Availability
d. Data security
Luke works as an analyst for AS Pvt. Ltd. His job there is to analyze
statistics and records obtained from people to improve the sales of the
company. However, recently the statistics and records given to him have
been incorrect, thus leading to gross miscalculations and wrong
predictions on his part. Which of the terms listed below, best describes
these statistics and records that are incorrect?
a. Information
b. Data
c. Archives
d. Indicators
Duke is taking some of the best pictures he has yet as an amateur
photographer in a pen drive to get his work assessed by an expert. On the
subway an unknown person picks his pocket. Along with his wallet Duke
also lost the pen drive with his pictures. Since he had not made any more
copies of those pictures, he lost them forever.
What type of data loss is this?
a. Hardware theft
b. Malware attack
c. Natural disaster
d. Software theft
Andrew lost his iPhone on the way home from college. He anxiously
wanted to recover it, as it was a gift from his late grandfather. The
iPhone also contained pictures that he had taken for a national
photography contest.
Using which iOS feature, can Andrew locate his phone?
a. iCloud backup
b. SIM lock
c. Find my iPhone
d. System updates
Andrew lost his iPhone on the way home from college. He anxiously
wanted to recover it, as it was a gift from his late grandfather. The
iPhone also contained pictures that he had taken for a national
photography contest.
Using which iOS feature, can Andrew locate his phone?
a. iCloud backup
b. SIM lock
c. Find my iPhone
d. System updates
Which of the following fundamental concepts of security refers to an
action taken in advance to protect the system against threats or
dangers?
a. Maintenance
b. Nonrepudiation
c. Precaution
d. Reaction
Which of the following software programs runs on the internet and
allows users to find, access, and display web pages?
a. Email
b. Web browsers
c. Extensions
d. Search engine
A newly established ITES company plans to launch a website which
enables its users to share pictures and videos with each other. Apart from
this, users can also comment on these pictures and share them further.
Under which of the following cloud categories will the company’s product
come?
a. Public Cloud
b. Private Cloud
c. Community cloud
d. Hybrid Cloud
InfraTech Inc. is an international IT company with offices in Dubai,
Singapore, and Australia. To have continuity of business practice, it is
imperative that all the branch offices be able to communicate amongst
themselves.
Which of the following network systems would be suitable for data
communication between the employees of all branches of InfraTech Inc.?
a. Ethernet
b. Local Area Network
c. Virtual Private Network
d. Wide Area Network
Which of the following terms refers to the process that ensures
accuracy of the sender and receiver of a message?
a. Nonrepudiation
b. Data
c. Authenticity
d. Availability
Which of the following terms refers to a collection of information that
defines or describes the user and his or her interests?
a. Facebook group
b. Account settings
c. Timeline
d. Profile
Sam uses his work laptop to watch pirated movies at home sometimes. When he tried
to watch the latest movie he downloaded, the movie file did not play even after trying
on several different players. Within a day of this, Sam noticed that many of his files were
vanishing one after the other from his laptop even though neither he nor anyone else
deleted them. The network administrator of his company, after taking a look at his
computer told him that the movie files, which did not play, definitely had something to
do with this peculiar behavior.
What type of data loss could this be?
a. Software failure
b. Computer virus
c. Human error
d. Natural disaster
Alex, the coach of Manchester United, called up Wayne, the captain of the
team, to discuss the tactics they would employ in the upcoming Champions
League Final. The following day, Alex received an email with the transcript
of the conversation he had with Wayne. The sender of the email threatened
to make Alex’s tactics public, if he did not pay him $5000.
Which form of mobile device attack was Alex a victim of?
a. Social engineering
b. Man in the middle attack
c. Eavesdropping
d. Phishing
Raymond received an email from an official claiming to be from his bank. The
email requested Raymond to send his personal details since the customer
database of the bank was being updated. Upon confirmation from the bank,
Raymond was told that the bank had not sent any emails asking for the personal
details of their customers.
Which cyber-attack would Raymond have been a victim of if he had replied to the
email?
a. Man in the middle attack
b. War driver
c. Eavesdropping
d. Phishing
Ellie, an 18 year-old student, shares her Windows computer with her younger
brother, Adam. Adam is very mischievous and whenever he is on the
computer, he ruins Ellie’s college assignments. Ellie, who is fed up of this
decides to encrypt the drive that contains her assignments. She uses inbuilt
Windows software to encrypt the drive so that Adam cannot access the drive.
Which software did Ellie use?
a. BitLocker
b. Adobe
c. Skype
d. SPAMfighter
Fred, a 14 year-old boy, is an only child. Fred loves spending time on his Mac OS X
browsing the internet. When his parents are not at home, he spends hours at a
stretch on the computer. Once, when Fred’s parents come home late from work
and find him on the Mac, they decided to limit his computer time. Enabling an
inbuilt feature in the Mac, Fred’s parents limit his computer time to two hours
daily.
Which MAC OS X feature did Fred’s parents enable?
a. FileVault
b. Parental control
c. Jump lists
d. UAC slider bar
Which of the following antivirus techniques refers to the process of
comparing the current state of stored programs to a previously
recorded state, which is known to be free of malware?
a. Bookmarks method
b. Integrity checking
c. Scanning
d. Heuristics analysis
Tom, a 14 year-old boy has been chatting online with Adam, whom Tom assumes is 14 years old
as well. Over the months, they built up a great ‘online’ friendship, playing online games,
checking out EDM websites, continuing with their friendly rivalry over football, and just talking
about ‘guy’ stuff. When Adam invited Tom over to meet him, Tom was obviously excited.
However, when Tom met Adam, he was shocked, as Adam turned out to be a 35 years old man.
Despite this shock, Tom entered Adam’s house, as he trusted him. Tom was having a great time
playing PS3 with Adam, until the time Adam touched him inappropriately. Tom ran away from
Adam’s house and did not know what to do.
Which form of cyber-attack was Tom a victim of?
a. Pornography
b. Social engineering
c. Grooming
d. Phishing
You received the following email from an official claiming to be from your bank.
Dear ABC Bank User,
Since we will be updating our customer database shortly, you are kindly requested to send the following
information.
• Name
• Bank login id
• Password
• Branch
• Date of birth
• Alternate email
Please click the below link to update your details.
Proceed to update your account details
Please contact the ABC Bank customer team in case of any queries. Thank you for your cooperation.
Which type of email security threat is this?
a. Phishing
b. Malicious email attachment
c. Nigerian scam
d. Spy-phishing
Which of the following helps to backup data on a Mac?
a. Extensions
b. App Store
c. Internet Accounts
d. Time Machine
This part of an email informs you about the address from where it
came, time of the message, date sent, and the subject line.
Identify the email part?
a. Signature
b. Header
c. Footer
d. Body
Lucy, a 55 year-old woman, was not a technically savvy person. She did not install or
enable any applications on her computer, and only used it for looking up recipes and
knitting patterns. After some time, Lucy’s computer started giving her problems. It often
displayed the Blue Screen of Death (BSOD) and unwanted windows kept popping up
whenever she went online. When a computer technician checked Lucy’s computer, it
was discovered that her computer was infected with malware.
Which inbuilt Windows software should Lucy have enabled to prevent malware infection
in her computer?
a. Task manager
b. Jump lists
c. Simple file sharing
d. Windows Defender
Sally is a 16-year-old high school student who is extremely attached to her laptop.
She uses it to download and watch episodes of her favorite sitcom. While
watching one of the episodes, her laptop switched off automatically a couple of
times. Suspecting a malware infection, she opened the antivirus software on her
laptop and chose a technique, which examined all files on the memory and hard
disk in order to identify and locate the malware.
Which antivirus technique did Sally employ?
a. Bookmarks method
b. Integrity checking
c. Heuristics analysis
d. Scanning
Which of the following terms refers to malicious software that is
specifically built to target mobile phones and smartphones systems?
a. Unmanaged applications
b. Broken cryptography
c. Mobile malware
d. Phishing
Which privacy issue of clouds exposes users to the risk of their data
being accessed by the cloud service provider without the user’s
consent?
a. Data migration
b. Data ownership
c. Data location
d. Data permanency
Which of the following terms refers to software that attackers create to
install on a victim’s computer in order to compromise its security?
a. Lockbin
b. Malware
c. Dropbox
d. Bitlocker
Which of the following websites can Windows Phone users use to
locate their stolen smartphone?
a. http://www.symbianguru.com/tracking-mobile-with-phone-
guardian.html
b. account.microsoft.com/devices
c. iCloud.com
d. android.com/devicemanager
Amy received an email from an official claiming to be from ABC Parcel Services. The
email asked her to collect a gift parcel sent by her friend three weeks ago. The
service claimed that they were unable to deliver the parcel to Amy, as the address
provided was wrong. The service asked her to print out the attached invoice copy,
fill it, and collect the package from the branch office located in her city. .
Which type of email security threat could Amy have faced, if she clicked or
downloaded the attachment?
a. Phishing
b. Hoax mail
c. Malicious user redirection
d. Malicious email attachment
ABC Info Ltd. has a part of its business already on a cloud computing platform.
However, its new product suite would need a cloud service which runs on a totally
different technology. The company should be able to make its legacy products and
new products communicate with each other as the new products are just an
upgrade of the old ones and much of the required data still resides on the old cloud.
Which of the following cloud computing platforms will be suitable for ABC Info’s
future needs?
a. Hybrid cloud
b. Private cloud
c. Community cloud
d. Public cloud
Daniel, a bank officer, communicates with his clients through emails on a daily basis.
Recently, he noticed that his Gmail inbox was filled with unsolicited emails. The
cluttered inbox annoyed him, as it was difficult to filter the important emails. Hence, he
decided to find a solution for it. Upon inquiry, a service provider told him that he could
use software which automatically filters out the unsolicited emails. This software would
not only protect his Gmail account, but also protect all the email accounts configured on
his email client.
Which of the following tools did Daniel probably enquire about?
a. Norton
b. Kaspersky
c. Avast Pro
d. SPAMfighter
Isaac is transferring all the data from his computer to an external drive as he
wants to format his laptop. While moving the data, he accidentally hits
delete instead of cut on one of the files and without realizing, hit the enter
key when the computer prompted to confirm his action. As the file was a
huge one, it did not go to the recycle bin and got permanently deleted.
What type of data loss is this?
a. Software failure
b. Computer virus
c. Human error
d. Hardware theft
Janine’s parents gave her a smartphone for her birthday. The phone’s
operating system intrigued and delighted Janine at the same time. This
was because it was the first time she had seen a smartphone that had a
tile-based setup. In addition, the tiles could be removed and interchanged
on the home screen.
Which operating system did Janine’s phone have?
a. Windows
b. Symbian
c. iOS
d. Android
Sarah has recently rented a small room on ABC Street, and started a
business with seven employees. She provided every employee with a
computer and a common printer which is meant to be shared by
everyone.
Which of the following networks would suit Sarah’s business need?
a. Wide Area Network
b. Virtual Private Network
c. Ethernet Physical Layer
d. Local Area Network
Hermione is a 21 year-old college student. She loves spending time on
Facebook. However, with her final exams approaching, she feels that
spending time on Facebook will harm her exam results. Hence, she enables
a particular Facebook feature, with the help of which, she will not get any
emails or notifications from Facebook.
Which Facebook feature did Hermione use?
a. Who can look me up ?
b. Deactivate account
c. Login alerts
d. Where you’re logged in
Hermione is a 21 year-old college student. She loves spending time on
Facebook. However, with her final exams approaching, she feels that
spending time on Facebook will harm her exam results. Hence, she enables
a particular Facebook feature, with the help of which, she will not get any
emails or notifications from Facebook.
Which Facebook feature did Hermione use?
a. Who can look me up ?
b. Deactivate account
c. Login alerts
d. Where you’re logged in
Certain software applications add or modify a particular feature in a
browser. A few versions allow users to block ads, watch online videos,
or IM with friends.
What is this application called?
a. ActiveX
b. Extensions
c. Cookies
d. Java
As part of his security implementation plan, Glenn was updating his
firewall. Which aspect of the security implementation plan was Glenn
working on?
a. Nonrepudiation
b. Reaction
c. Precaution
d. Maintenance
Samuel, a network admin in an IT firm, has just discovered a phishing site
known for targeting corporate entities. Several employees have received emails
with the domain name, which is the same as that of this site. In order to
prevent the company’s network from being corrupted, Samuel decides to block
all incoming and outgoing traffic from that site.
Which of the following defense mechanisms can Samuel use to implement this?
a. Encryption
b. Virus
c. Firewall
d. Disk encryption
Susan downloaded a software from the Internet and installed it on her
computer for watching movies online. After installing the software, she
noticed that her PC was slowing down and was taking more time to
open webpages.
What could Susan do to solve this problem?
a. Start using Ethernet
b. Install a latest antivirus software and scan her computer
c. Stop using wireless internet connection
d. Choose a suitable encryption method
Harry, a 21 year-old college-going student, was working on his dissertation
when suddenly a message flashed on his screen, “All files on your computer
have been encrypted. You must pay $1000 within 72 hours to regain access
to your data.”Even after Harry paid the money, he was not able to access his
data, and all the documents on his dissertation were lost.
Which malware attack was Harry a victim of?
a. Botnet
b. Virus
c. Ransomware
d. Adware
Susan, a 15-year-old girl, loves spending her free time baking and cycling.
However, recently she has been spending all of her free time glued to the
computer. She shows no interest in her hobbies anymore and looks depressed
most of the time. Her parents also noticed that whenever they enter her room,
she quickly changes the computer screen. Understandably, Susan’s parents are
worried about her.
What could be the reason for her behavior?
a. Social engineering
b. Too much pressure at school
c. Victim of online child abuse>?
d. Unsolicited emails
Imagine getting a letter from the Inland Revenue Authority of Singapore (IRAS) demanding
that you pay $5,700 in taxes. This is what happened to Rick. He received a letter informing
him that he owed the government unpaid income tax on wages he never earned. The IRAS
letter said that Rick had worked at several places. However, Rick is only 15 years old and
his only job was working at his uncle’s grocery store during the summer. He had never
even visited some of the places where the letter said he worked. Rick was not sure what to
do next. After all, he has never even had a “real” job like those listed in the letter.
What is going on in this scenario?
a. Social engineering
b. Identity Theft
c. Nigerian scam
d. Phishing
XYZ Infra Solutions, a startup company is looking for a cloud service
provider who can provide virtual machines, virtual local area network,
customized software applications, on demand storage, IP addresses, and
firewalls to meet its business needs.
Which of the following cloud computing services can meet the business
needs of the company?
a. Platform as a Service
b. Software as a Service
c. Infrastructure as a Service
d. Application as a Service
Which of the following is an encryption program in Mac that helps
users to protect their data?
a. Safari
b. SPAMfighter
c. FileVault
d. Lockbin
 TERIMA KASIH
&
SEMOGA SUKSES