Excerpts

Chapter 1: Introduction Issues Facing Small Businesses In today's digital age, businesses face unprecedented information security challenges that can be distilled into the four following statements: To effectively use information, you must trust it. To trust it, you must secure it. To secure it, you must manage it. To manage it, you must think ahead. In the early days of computing and the Internet, many small businesses simply didn't see the need to be online. However, those that did, saw the Internet as a valuable tool and not as a threat to their business. Today two factors have combined to cause small businesses to focus on the importance of information security. First, those businesses have become dependent upon the Internet for their daily business activities. For many businesses, access is more than a convenience; it's a business necessity. Second, the number and magnitude of threats and security risks in the modern computing environment have multiplied. Spyware, adware, viruses, worms, Trojan horses, and other risks are prevalent on the Internet today. Insightful small business owners and managers understand these risks and are willing to make investments in information security now to prevent large business headaches down the road. The risks facing businesses of all sizes are similar. Symantec™ has a four-dimensional model of business risk (illustrated in Figure 1-1) that outlines the following four types of risk: Direct losses might be short-term in nature, such as the theft of money and equipment. However, they are often the precursor to long-term losses from the other three dimensions. Indirect losses can be extremely damaging to a business but are also very difficult to quantify. For example, if a bank suffers a computer intrusion, there might be an insignificant monetary loss that's covered by the bank's insurance policy. However, if the story is reported by the media, it could result in widespread loss of consumer confidence in the bank's capability to safeguard their money. This indirect loss could be far more damaging to the bank's overall business than the simple theft it initially suffered. Productivity losses occur tangentially to other risks. For example, if a company's computer systems are infected by a virus, it might cause some direct and indirect losses. However, it's also going to have a productivity cost. If company employees aren't able to access the network, they might be unable to do their jobs for a period of time, resulting in lost revenue to the business. Legal exposure is one of the most damaging types of risk in today's regulated society. Information-based businesses are subject to numerous regulatory requirements. Laws such as the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA) and the Sarbanes Oxley Act (SOX) require businesses to protect the confidentiality, integrity, and availability of information assets under their stewardship. Failure to meet those requirements could place the organization in civil or even criminal jeopardy. Figure 1-1 Four dimensions of business risk. In this chapter, we take a brief look at the security risks and threats facing small businesses and some of the products offered by Symantec to help deal with them. We also discuss the Symantec Certified Technical Specialist, Small Business Security program, including certification requirements and an overview of the examination process. The remainder of this book is dedicated to providing you with the practical, hands-on knowledge that you'll need both to be successful on the SCTS, Small Business Security exam and to provide you with the knowledge to assist small businesses in need of information security. We begin with a look at the risks on the Internet. Security Risks and Threats Often, when people think of information security, the phrase "malicious code" pops into their heads. They might not use that terminology, but the words virus , worm , Trojan horse , spyware , and adware are all specific examples of a more general menace. How prevalent are these items? The Symantec Internet Security Threat Report VIII , published in March 2005 as an update to the Internet community, estimated that every organization connected to the Internet experiences an average of 13.6 attacks directed against its network each day . The risks facing modern organizations are serious and significant. In this book, you'll learn how you can counter them by developing robust security infrastructures for the organizations with which you work. Before we can study malicious code prevention, we must have a general understanding of the threat. Simply put, malicious code is any computer program that carries out an unwanted activity without the consent of the system operator. The activities performed may range from annoying (such as displaying a message on the screen every few minutes or popping up ad content) to downright destructive (such as erasing all data stored on the system's hard drive). Viruses Viruses, the most commonly known type of threats, are similar to biological viruses. Just as biological viruses spread in a number of ways--you might have direct contact with an infected person, drink out of a cup that person used, or merely be present in the same room and become infected--computer viruses spread from computer to computer carrying their malicious activity. Worms Worms are viruses' more insidious cousins. Like viruses, worms spread from system to system carrying a malicious payload. They range in severity from minor nuisances to catastrophically damaging. What makes worms different from and more dangerous than viruses is that they spread without any user intervention. Worms exploit vulnerabilities in operating systems to infect weak systems. After they establish themselves on an infected host, their mission changes to one of rampant propagation. They attempt to spread as far and wide as they can, searching for other vulnerable systems on the local network or across the Internet. Worms can take advantage of vulnerabilities in common operating systems and applications The SQL Slammer worm of early 2003 infected Windows® systems running the popular SQL Server 2000 database system and brought financial networks to their knees for a number of hours, leaving ATM users stranded without cash. Trojan Horses In ancient history, the Greeks laid siege against the city of Troy for almost 10 years during the Trojan war. Weary of battle, the Greeks resorted to trickery and built a giant wooden horse that they presented to the Trojans as a gift. The Trojans graciously accepted the gift and wheeled it within the walls of their city. When night fell, the horse opened up and Greek warriors rushed out, quickly conquering the city. Malicious code also uses this type of trickery. Electronic Trojan horses present themselves as a beneficial "gift" to computer users. They might appear to be a computer game, utility, or screen saver downloaded by an unsuspecting user, when, in reality, they contain dangerous malicious code. To top it all off, the Trojan program usually works in the manner you'd expect it to but, while you're happily playing a downloaded game, it delivers its payload behind the scenes. Spyware/Adware Spyware and adware are two of the newer security risks to face organizations. If you've been following the media, you've probably heard these two buzzwords tossed around quite a bit recently. They're part of a new class of code designed to sit quietly on computer systems and remain unnoticed while they perform their mission. Depending upon the purpose of the code, this mission might be simply to cause pop-up ads to appear on the infected computer, or it might be more mischievous. Spyware programs have the capability to scan systems or monitor activity and relay information to other computers or locations in cyber-space. Among the information that may be actively or passively gathered and disseminated by spyware: passwords, log-in details, account numbers, personal information, individual files, or other personal documents. Spyware may also gather and distribute information related to the user's computer, applications running on the computer, Internet browser usage, or other computing habits. Adware facilitates delivery of advertising content to the user through his own window, or by utilizing another program's interface. In some cases, these programs may gather information from the user's computer, including information related to Internet browser usage or other computing habits, and relay this information back to a remote computer or other location in cyber-space. Spam/Phishing Spam, or unsolicited commercial email (UCE), is an ever-increasing problem for business users, who are forced to wade through a myriad of advertisements for prescription drugs, get-rich-quick schemes, and free timeshare vacations in order to get to their real email. Email has become a mission critical application and spam has a negative impact on the productivity of employees. Spam also causes potentially more serious threats due to some spam emails carrying viruses and phishing attacks. One form of spam you might be familiar with is the phishing attack. In this type of spam, the goal is to trick users into revealing private information that the spammer can use to his or her advantage. One of the more common phishing attacks is to fake an email from eBay® or PayPal® telling the user that there's a security problem with his or her account. When unsuspecting users receive this official-looking email, they might be tempted to click the link, which then presents a page that looks very much like the eBay or PayPal home page. The page then asks them to enter their account information for security-verification purposes. The problem is, the Web page the email links to isn't actually run by eBay or PayPal. It's a phishing site that dutifully records account information and tells users that the problem has been resolved. The users then happily go their way, thinking that the problem has been fixed. Unfortunately, the problem has just begun. The account information now goes off into the hands of unscrupulous individuals who attempt to clean out bank balances or use it for other dubious purposes. Symantec Solutions The earliest threats were simple viruses and worms. The threats have increased as the propagation methods have become more sophisticated to include mass mailing worms and blended threats. In addition to the traditional threats of viruses, worms, and Trojan horses, new types of risks have emerged in the recent years. Organizations are now faced with protecting their infrastructure from a wider threat landscape. There's no reason to avoid contact with the Internet at large. It's important to ensure that small businesses practice safe computing. Symantec provides solutions to help safeguard networks, including software, hardware, and services. In this section, we look at security offerings designed to protect small business networks from the modern threats and security risks found on the Internet. Symantec AntiVirus™ 10.0 Symantec™ Client Security 3.0 Norton AntiSpam™ 2005 We explore them briefly here, but the remainder of this book is dedicated to exploring them in further detail. Part 1, "Symantec AntiVirus," explains the proper use of Symantec AntiVirus to protect your organization from malicious code. Part 2, "Symantec Client Security," provides you with a detailed look at using Symantec Client Security, including the firewall and intrusion prevention capabilities. This book concludes with Part 3, "Norton AntiSpam," which explores the use of Norton AntiSpam to protect your organization from unsolicited email. Symantec AntiVirus A component of Symantec's strategy to protect the small business is Symantec AntiVirus. Symantec AntiVirus (shown in Figure 1-2) provides small-business users with a desktop solution for real-time virus and spyware protection for workstations and network servers. The solution automatically detects and repairs the effects of spyware, adware, viruses, and other threats and security risks. Figure 1-2 Symantec AntiVirus. Symantec Antivirus provides centralized configuration, policy management, alerting, and logging, enabling administrators to determine which nodes are vulnerable to virus attacks. It uses LiveUpdate technology to keep definitions and program components up to date. Symantec Client Security Another component of Symantec's strategy to protect the small business is Symantec Client Security (see Figure 1-3). This package provides all the functionality of Symantec AntiVirus, with the addition of intrusion-prevention and firewall capabilities designed to keep out unwanted traffic. It monitors the system's network connection to block unwanted incoming traffic and also watches for signs of viruses, worms, Trojan horses, spyware, and other programs that attempt to spread from your system to others via the network. Figure 1-3 Symantec Client Security. Symantec Client Security automatically removes detected malicious code and provides a comprehensive approach to protecting systems against threats that exploit multiple vulnerabilities. Norton AntiSpam The last component of Symantec's strategy to protect the small business is Norton AntiSpam, a desktop solution for spam prevention (see Figure 1-4). Norton AntiSpam uses automatically updated filters in combination with logic that determines what you consider spam and what you consider legitimate for filtering email. Norton AntiSpam provides the capability of blocking unwanted Web advertisements and pop-ups. In addition it provides easy integration with programs such as Microsoft® Outlook®, Outlook Express, and Eudora®, and is also capable of filtering Yahoo!® Mail accounts. Figure 1-4 Norton AntiSpam. Small Business Protection These three products covered in the SCTS, Small Business Security certification, will provide small businesses with a proactive security stance against the myriad of today's online threats and security risks. In addition, Symantec has many other offerings to provide a defense in depth for all sizes of organizations from small business to large enterprise. Additional Solutions Symantec offers a variety of products and solutions designed to work at different layers of the network, that are complementary to those spoken about in this book. These include Symantec™ Mail Security for Domino® , Symantec™ Mail Security for Microsoft® Exchange, and the Symantec™ Gateway Security Appliance family. This section discusses a partial list of the products. The Symantec Gateway Security family of products provides protection at the gateway. The Symantec™ Gateway Security 300 Series (see Figure 1-5) is an easy-to-use firewall/VPN appliance with integrated security for the small business and remote office with simple network requirements. It combines high performance for the entry-level with firewall, VPN, IDS/IPS, antivirus policy enforcement, content filtering, and optional VPN secured wireless. These products sit on the network between the protected LAN and the Internet. Figure 1-5 Symantec Gateway Security 300 Series. The Symantec™ Gateway Security 5400 Series (see Figure 1-6) is a Firewall/VPN appliance that integrates full inspection firewall technology, IPsec-compliant virtual private networking, intrusion prevention, intrusion detection, antivirus protection, URL-based content filtering and antispam technology. There are a range of models that provide scalability from small enterprise and corporate branch offices, up to large enterprise, data centers, and service providers. Figure 1-6 Symantec Gateway Security 5400 Series. The Symantec™ Mail Security 8200 Series appliances (see Figure 1-7) offer a hardware-based approach to protecting the enterprise by combining antispam and antivirus protection in an appliance. The 8240 model provides protection from 100 up to 1,000 users. The 8260 provides protection for 1,000 plus. Software solutions exist specifically for Lotus Domino® and Microsoft® Exchange. Figure 1-7 Symantec Mail Security 8200 Series. More information on these enterprise products is available at http://enterprisesecurity.symantec.com . SCTS Certification Program Symantec created the Symantec Certified Technical Specialist, Small Business Security program to provide Symantec partners and customers with an opportunity to validate their knowledge of Symantec security solutions suitable for implementation in a small business environment. SCTS, Small Business Security is a desktop security solution, certifying that an information technology professional has the skills and knowledge necessary to build a solid defensive posture for workstations. It's designed for security consultants, sales engineers, system engineers, and system administrators who work with Symantec products in the small business market. Overview Earning the SCTS, Small Business Security credential requires candidates to pass a single computer-based test that covers the material presented in this book. You'll need to demonstrate your understanding of the planning, installation, configuration, and management of the following: Symantec AntiVirus 10.0 Symantec Client Security 3.0 Norton AntiSpam 2005 When you've successfully completed the exam and have accepted the Symantec Certification Agreement you earn the right to use the SCTS logo, shown in Figure 1-8, on your business cards. Figure 1-8 SCTS logo. Note - Your Symantec Certified Technical Specialist credential is valid for two years from the time you complete certification requirements (passing the exam and accepting the certification agreement). After you pass the exam, you need to log in to the Symantec certification program tracking site, CertTracker, and accept the terms of the Symantec Certification Agreement. Symantec utilizes CertTracker, a secure database hosted by Integral 7, to track and manage candidates' certification activities. Through CertTracker you can access your exam records, track fulfillment status, and monitor your progress toward achieving a targeted level of Symantec certification. This is found at http://www.symantec.com/certtracker . This interactive tool helps you confirm your contact information and track the shipment of your certification kit. Tip - CertTracker is preloaded with the contact information you used to register for the exam, so be certain to provide accurate address information when you sign up. This will ensure that you receive your certification materials in a timely fashion. The Exam The SCTS, Small Business Security exam is offered via Computer-Based Testing (CBT) at Prometric locations throughout the world. You have 90 minutes to complete 75 questions, with the exception of additional time for the list below. An automatic 15 minutes is added for English language exams for the following countries: France Germany Italy Spain Austria Switzerland Belgium Luxemburg Monaco San Marino Liechtenstein Cameroon Comoros ( Madagascar ) Mauritius Reunion Senegal An automatic 30 minutes is added for the English language exams for Japan. Registering for the Exam - Prometric offers thousands of testing locations throughout the world. To register for the exam, visit http://www.2test.com and select the testing center near you. You'll need to provide payment details for the $100 fee at the time of registration. Exam Outline The exam is divided into three content areas, corresponding to the three products covered in the SCTS, Small Business Security certification. The 75 exam questions are distributed among the three content areas according to the following proportions: Symantec AntiVirus: 50.7% Symantec Client Security: 32% Norton AntiSpam: 17.3% Tip - Take these proportions to heart: If you're new to all three solutions, you should spend approximately half of your time working with Symantec AntiVirus and the remainder of your time divided between Symantec Client Security and Norton AntiSpam. Following is a list of the specific exam objectives that we cover in this book: Symantec AntiVirus Overview Describe the business problem that Symantec AntiVirus addresses Describe types of viruses Describe the architecture of Symantec AntiVirus technology Describe the components of the Symantec AntiVirus solution Symantec AntiVirus Planning Conduct deployment planning activities, taking into consideration varying technologies, platforms, and business environments Describe the top three deployment scenarios for a small business environment Symantec AntiVirus Installation and Configuration Describe all required preinstallation tasks Perform an installation Configure the product for use Symantec AntiVirus Management4 Describe the management components Perform management tasks Perform an AntiVirus upgrade/renewal Symantec Client Security Overview Describe the business problem that Symantec Client Security addresses Describe types of attacks Describe the architecture of the client-based Symantec Client Security technology Describe the components of the client-based Symantec Client Security solution Symantec Client Security Planning Conduct deployment-planning activities, taking into consideration varying technologies, platforms, and business environments Describe the top three deployment scenarios for a small business environment Symantec Client Security Installation and Configuration Describe all required preinstallation tasks Perform an installation Configure the product for use Symantec Client Security Management Describe the management components Perform management tasks Perform Symantec Client Security upgrade/renewal Norton AntiSpam Overview Describe the business problem that the Norton AntiSpam technology addresses Describe the types of spam Describe the architecture of the client-based AntiSpam technology Describe the components of the client-based AntiSpam solution Norton AntiSpam Planning Conduct deployment-planning activities, taking into consideration varying technologies, platforms, and business environments Describe the top three deployment scenarios for a small business environment Norton AntiSpam Installation and Configuration Describe all required preinstallation tasks Perform an installation Configure the product for use Norton AntiSpam Management Describe the management components Perform management tasks Perform a Norton Antispam upgrade/renewal Use this list of objectives to help guide your studying efforts. When you're finished reading this book and working with the software, you should be able to review this list and clearly articulate the meaning of each step and the process used to complete it. Question Types You'll find four types of questions on the SCTS, Small Business Security exam. Let's take a brief look at each type of question: Single-response questions are straightforward multiple-choice questions with one correct answer. You'll be able to select only a single answer. These options are in the radio button format. Multiple-response questions have more than one correct answer, and you'll need to select all of the correct answers. These options are in the check box format. You will be told the number of answers to select. Tip - Always read the question text carefully; it will tell you the number of correct answers that you need to select. You'll never be forced to guess the correct number of answers on the SCTS, Small Business Security exam. Matching questions ask you to match items in one column with items in another column. Typical exercises might ask you to match words with their definitions or products with their capabilities. Ordering questions ask you to place a series of items in the appropriate sequence. For example, you might be asked to sort a series of installation steps in the order they should be performed. Exam Preparation A recent survey revealed that taking an exam is one of the most stressful activities in the lives of adults. After all, school is behind us and many years might have elapsed since the last time we picked up a no. 2 pencil. Fortunately, it's possible to alleviate the majority of the fear created by a test with one tool: preparation. We've created an eight-step process designed to provide you with a solid foundation to prepare for the exam. It revolves around the use of this book, the accompanying CD-ROM, and Symantec's security products. Here are the eight steps in our recommended preparation plan: Register for the exam. That's right. The first step of our process is registering for the exam! When you finish reading this introductory chapter, quickly skim through the rest of this book to get a feel for how much time it will take you to master this material and be fully prepared for the exam. This will prevent you from the most common failing of certification candidates: never taking the exam. If you're new to the field of information security, give yourself plenty of time. You might want to choose an exam date that's about two months from now. If you have some experience under your belt, you might be ready to take the exam sooner. It's your decision. Just make the commitment to this program by signing up for a date now. Note - To register for the exam, visit the Prometric Web site at http://www.2test.com . Read this book. All of the topics you need to master to pass the SCTS, Small Business Security exam are contained within the covers of this book. Read this book cover to cover. You might want to combine this with step 3, but it's essential that you read every word contained in this book. If you find yourself reading quickly and skipping sentences without really comprehending them, it's time to take a break, go get a glass of water, and come back when you're ready to devote your full attention to learning. Use the CD-ROM that accompanies this book. The CD-ROM contains simulations and activities to reinforce the topics covered in this book. When there is an associated simulation or activity, it will be identified by the following icons: Indicates an activity Indicates a simulation Insert the CD-ROM and work though the related simulations and activities. Install and configure the products. The SCTS, Small Business Security exam covers three products: Symantec AntiVirus 10.0, Symantec Client Security 3.0, and Norton AntiSpam 2005. To succeed on the exam you need to have hands-on experience with the software, especially during the installation phase. If you're able to obtain this experience on the job working with live systems, great. If not, you'll need to obtain a couple of practice systems and use them to install and configure these products. If you'd like, it's perfectly acceptable to complete this step as you're completing step 2 so that you can follow along with the book. Work with the products on a regular basis. Gaining a full understanding of any security product requires that you use it on a regular basis and understand how it helps you deal with security risks and threats as they arise in real time. As with the last step, more power to you if you're able to get this experience at work. If you're not, leave your test environment up and running for a few weeks, and use it to practice the administration skills you learn in this book. Tip - Successful completion of the SCTS, Small Business Security exam depends upon hands-on experience with Symantec products. Don't attempt the exam without working with the software products, even if you need to do so in a lab environment. Review this book. After you've gained experience with the products, turn back to the book again. You'll probably want to use it as a reference while you're experimenting. This will help you firm up your knowledge from an experiential point of view. Take a practice test. Now it's time to see how prepared you are! Use the CD included with this book to take a practice exam. Do it all in one sitting without referencing the book, to best simulate the real testing environment. Pass or fail, this process will provide you with valuable information to help your study process. Most important, the exams on the CD closely resemble the actual test environment and will help you feel comfortable with the test before sitting for the exam. Repeat, Repeat, Repeat. Repeat steps 6 and 7 until you're confident that you're well prepared for the real exam. Following this process strictly will ensure that you'll have the confidence you need when exam time rolls around. Confidence breeds success. Program Guidelines and Policies Symantec has laid out the following SCTS, Small Business Security program guidelines and policies for SCTS, Small Business Security candidates and credential holders: Candidates must meet all published requirements to achieve Symantec certification designations. All Symantec exams related to security products are delivered through Prometric Worldwide Testing Centers. Before taking the exam, candidates must agree to keep exam content confidential. Candidates must electronically accept the Symantec Certification Agreement via http://www.symantec.com/certtracker Candidates must adhere to Certification Logo Usage Guidelines. Candidates pay all required fees for exams to Prometric. Symantec strongly recommends building appropriate hands-on experience before taking exams. Candidates maintain their profile information via CertTracker, Symantec's Certification Tracking Tool, and on the Prometric Web site. Before retaking a failed exam, Symantec recommends that candidates evaluate area(s) for further development and experience. Finding More Information Further information on the SCTS, Small Business Security certification, as well as other Symantec certification programs, can be found on the Web at http://www.symantec.com/education/certification . You can also contact Symantec's certification experts directly via e-mail at certification@symantec.com . Conclusion Symantec provides small businesses with a robust set of tools designed to increase their security posture: Symantec AntiVirus, Symantec Client Security, and Norton AntiSpam. The SCTS, Small Business Security certification is designed to demonstrate a candidate's ability to plan, install, configure, and manage these three Symantec products in a small business setting. As you explore the rest of this book, you'll develop the knowledge base necessary to work with these products in a production environment. Chapter Review Questions Question 1-1 Which two Symantec security solutions help protect desktop systems against spyware? Select the two correct answers. Symantec AntiVirus Norton AntiSpam Symantec Client Security Question 1-2 Which three types of program are generally considered to be threats? Select three correct answers. Viruses Worms Phishing Spyware Spam Adware Trojan horses Question 1-3 What type of malicious code spreads from system to system with some user intervention? Select the correct answer. Viruses Worms Phishing Spam Question 1-4 What type of malicious code spreads from system to system without user intervention? Select the correct answer. Viruses Worms Phishing Spam Question 1-5 What type of malicious code spreads by deceiving computer users into thinking it is a beneficial program? Select the correct answer. Viruses Trojan horses Worms Spam Question 1-6 After you pass the Symantec Certified Technical Specialist exam, for how long does your certification remain valid? Select the correct answer. Six months One year Two years Three years Five years Question 1-7 A brokerage's computers were hacked into, causing a network failure. No customer accounts were affected, and the brokerage didn't suffer any monetary loss. However, the brokerage was forced to stop business operations for several hours, causing employees to sit idly waiting for the repair. The brokerage also suspects that some customers might have switched to another brokerage as a result of the incident. What type of losses has the brokerage incurred? Select the two correct answers. Direct loss Indirect loss Productivity loss Legal exposure Chapter Review Answers Answer 1-1 Answers A and C are correct. Both Symantec AntiVirus and Symantec Client Security provide automatic detection and removal of spyware, adware, viruses, worms, and Trojan horses on desktops, laptops, and file servers. Symantec Client Security adds firewall intrusion prevention capabilities to defend against blended threats such as Nimda and Blaster. Answer 1-2 Answers A, B, and G are correct. Viruses, worms, and Trojan horses are all threats. Phishing is a variant of spam, neither of which is considered a threat. Spyware and adware are classified as security risks. Answer 1-3 Answer A is correct. Viruses are malicious code that spread from system to system with some user intervention. Worms are similar to viruses but spread without requiring user intervention. Phishing and spam are not types of malicious code. Answer 1-4 Answer B is correct. Worms are malicious code objects that spread from system to system without user intervention. Viruses are similar to worms but require user intervention. Phishing and spam are not types of malicious code. Answer 1-5 Answer B is correct. Trojan horses present themselves to the computer user as a beneficial program, such as a game or utility. While they're running the advertised function, they deliver their malicious payload in the background. Answer 1-6 Answer C is correct. Symantec Certified Technical specialist credentials are valid for two years from the date you pass the SCTS, Small Business Security examination and accept the Symantec Certification Agreement. Answer 1-7 Answers B and C are correct. The brokerage suffered a productivity loss when employees were forced to sit idly waiting for the network to be repaired. They also suffered an indirect loss when customers switched to another brokerage firm as a result of the incident. There was no direct loss or legal exposure described in the scenario. (c) Copyright Pearson Education. All rights reserved. Excerpted from (SCTS) Symantec Certified Technical Specialist: Small Business Security Study Guide by Mike Chapple, Nik Alston, Kirk Hausman All rights reserved by the original copyright owners. Excerpts are provided for display purposes only and may not be reproduced, reprinted or distributed without the written permission of the publisher.