Protect Application or System Software

.
Chapter One
User Accounts Control
Introduction on user access control
❑What is user access control(UAC)?
• User access control(UAC) is a feature in computer systems that helps protect the
system from unauthorized changes or harmful actions.
• It controls who can access file, program, and setting, ensuring only trusted user
or application can make important changes.
• UAC prevents malware or users without proper permissions from changing
system settings or installing harmful software.
❑Example:- if a program tries to make a significant change to your system, like
installing software, UAC asks for your permission or requires on administrator’s
password.
Why Do we Use UAC
1. Protection from malware: UAC prevents malicious programs (malware) from
making unauthorized changes to your system.
❑Example:- you accidentally download a suspicious program from the internet.
Without UAC, the program could secretly install a virus that steals your personal
data.
❑With UAC:
• The program attempt to install itself.
• UAC promotes you for permission.
• You notice the program is unfamiliar and block it, protecting your system.
Why Do we Use UAC
2. Preventing Unauthorized Changes: UAC ensures only authorized
users or programs make changes to system settings.
❑Example:- a child using your computer tries to disable antivirus software or
change important settings.
❑With UAC:
• The action requires administrative rights.
• UAC promotes for the admin password.
• With out the password, the setting remain secure.
Why Do we Use UAC
3. Limiting Damage from Errors: sometimes even trusted programs or users can
make mistakes. UAC ensure critical change are deliberate.
❑Example:- You accidentally open a ligtimate-looking file that modifies system
files.
❑With UAC:
• The modification requires admin approval.
• You notice the unusual request and deny it, avoiding potential harm.
Why Do we Use UAC
4. Safe Use of Shared Systems: UAC allows multiple users to share the same
system without risking its stability.
❑Example:- On a shared family computer, your sibling downloads a game that
needs system wide changes.
❑With UAC :
• The system promotes for admin credentials.
• You decide weather to allow the installation, preventing unnecessary risks.
Why Do we Use UAC
5. User Accountability: UAC ensures users are aware of action requiring administrative
privileges and holds them accountable for decisions,
❑Example:- you try to install a new media player.
❑With UAC:
• Promotes you to confirm the installation.
• This makes you pause and check if the software is safe.
• By approving the action, you acknowledge responsibility for the changes made.
❑Why it matter:
• Prevents accidental installations of harmful software.
• Ensures users actively approve changes reducing unintentional security breaches.
Why Do we Use UAC
6. System stability: UAC ensure only necessary and verified changes are made to
the system, reducing risks of crashes or errors.
❑Example:- Your friend attempts to modify critical windows setting (e.g disabling
the firewall) with out realizing the potential impact.
❑With UAC:
• Prompts for an administrator password.
• Without it, the system blocks the action, maintaining security and stability.
❑Why it Matter:
• Protect against accidental or malicious changes that could corrupt the system.
• Ensure smooth operation by limiting unnecessary disruptions.
Why Do we Use UAC
7. Ease of Use: UAC allows non-administrator users to perform everyday tasks
without requiring full admin rights.
❑Example:- You’re logged in as a standard user and need to connect to a Wi-Fi
network.
❑With UAC:
• Allow you to configure basic network settings with out admin credentials.
• However, if you try to install network drivers, UAC prompts for an admin
password.
❑Why it Matter:
• Enables users to perform common tasks without security risks.
• Reduce the need to log out and switch accounts, improving productivity
How Does UAC Work
1. Blocking unauthorized Actions
• When a program tries to make system changes, UAC access its permission and
decides if it needs administrative rights.
❑Example:- You install a new printer.
❑UAC:
• Prompts you for admin approval since it needs to add drivers to the system.
• You approve, and the printer installs securely.
How Does UAC Work
2. Prompting for Consent:
• UAC asks for your approval before granting elevated permissions to programs or
users.
❑Example:- A software update attempt to modify system files.
❑UAC:
• Displays a consent prompt for admin users to approve.
• You confirm to the update, ensuring only trusted programs make changes.
How Does UAC Work
3. Differentiating User Roles:
• UAC assigns specific access levels to different users.
❑Standard Users: Limited permissions, cannot make critical changes.
❑Administrator Users: Full permissions but still require UAC prompts for safety.
❑Example:- Your coworker uses your laptop to browse the internet but cannot
install new software without your approval.
How Does UAC Work
4. Color-coded prompts for safety
• UAC prompts are color-coded to indicate the risk level of the program or action.
❑Green: verified system changes(e.g updates from microsoft).
❑Yellow: verified third-party programs(e.g Adobe).
❑Red: Unverified or unknown programs(e.g suspicious downloads).
❑Example:- you download a file, and the UAC prompts is red. This warns you the
file is unverified. Allowing you to reconsider running it.
Components of User Access Control
• Users access control (UAC) relies on three core components to manage and
enforce access restrictions effectively:
➢Identification and Authentication,
➢Authorization and
➢Accountability
• Each component plays a specific role in ensuring systems security.
Components of User Access Control
1. Identification and Authentication:
• Identification: verifies who is trying to access the system by requiring unique identification (e.g
username or IDs).
• Authentication: Confirms the user’s identity using credential like passwords, smart cards, or
biometrics.
❑Why is important:
• Ensures only verified users can access the system.
• Prevents unauthorized users or processes from gaining entry.
❑Examples:- Scenario: you log in to your office computer.
• Identification: You enter your unique username (e.g “Ashenafi.wube”).
• Authentication: You provide your password or scan your fingerprint to confirm it’s really you.
❑What happens if absent:
• Without proper identification and authentication anyone could access your data. Posing server security
risks
Components of User Access Control
2. Authorization:
• Defines what an authenticated user or object can access and the extent of their access
❑Why is important:
• Restricts users from accessing or modifying data or systems they’re not authorized to handle.
• Protect sensitive information and system integrity.
❑Examples:- Scenario: You are a standard user trying to install software on a shared family
computer.
• The system checks your access level.
• Since you’re not an administrator UAC blocks the installation and prompts for admin credentials.
• If approved by admin, the software installs.
❑What happens if Absent:
• Without authorization controls, all users could access sensitive files or make changes, leading to
security breaches or accidental system damage.
Components of User Access Control
3. Accountability:
• Tracks and records what actions a user or process perform once access is granted.
❑Why is important:
• Provide a clear record of user activities,
• Helps identify and resolve security incidents by tracking who did, what and when.
❑Example:- Scenario: an admin user changes a security policy in a company system.
• UAC logs the activity, including the username, time and detail of the change.
• If something goes wrong later (e.g a security breach), you can trace it back to the admin
user.
❑What happens if Absent:
• Without accountability, there’s no way to determine responsibility for unauthorized or
harmful actions.
Summary Table of Components
Component Role Examples

Identification & Authentication Verifies user identity Logging in with username and
password or scanning a fingerprint.

Authentication Defines access rights A standard user cannot install

software with out admin credential

Accountability Tracks user activates UAC logs show who disabled the
firewall and when, helping resolve
security incidents.
Real-World Scenario
• Imagine a company system with sensitive financial data:
1. Identification: Each employee has a unique ID to log in.
2. Authentication: They must also enter a password or use biometrics
authentication to confirm their identity.
3. Authorization: a junior employee can view basic financial reports but cannot
access payroll data or modify settings.
4. Accountability: if someone tries to access restricted data, UAC logs the
attempt, enabling the IT team to investigate.
• These components together from a robust security framework, ensuring only
trusted users perform authorized actions,
User Access Control Policies
• UAC policies define the rules and methods for identifying, authenticating and
managing access for users or objects with in a system.
• These policies enforce restrictions to ensure secure operation and protect
sensitive data.
Key policies:
➢Identification Policies and
➢Authentication Policies
User Access Control Policies
1. Identification Policies:
• Ensure users and objects (e.g devices) are uniquely identified in the system.
• Methods include username MAC addresses, or IP addresses.
❑Example:- Scenario: A company’s systems requires employee to log in using their
unique username (e.g “Hanna”).
• This ensures that each user’s actions are tied to their identity, preventing
anonymity and unauthorized access.
❑What Happens without these Policies:
• If user names are not unique, multiple users could share the same account,
making it impossible to trace who performed certain actions.
User Access Control Policies
2. Authentication Policies:
• Verifies the identity of users or objects using secure methods like passwords, biometrics or
hardware tokens.
❑Requirements:
• Strong Passwords (e.g minimum length, special character, no similarity to username).
• Use of secure authentication tools like smart cards or biometric readers.
❑Examples:-
• scenario: An employee logs in to a secure database using a password and fingerprint scanner.
• Outcome: Even if someone steals their password, they can’t log in without the fingerprint.
❑What Happens without this Policies:
• A weak password policy allows users to set simple passwords like “123456” making it easy for
hackers to breach the system.
User account control process and interaction
UAC manages how applications and users interact with system permissions,
ensuring only authorized actions are executed.
How works:
❑Access token creation :
• When a user logs in, an access token is created, defining their permissions.
• Administrators get two tokens:
• Standard Access Token: used for regular tasks like browsing or reading files.
• Admin Access Token: used for actions requiring elevated privileges, like installing
software
❑Example:- Scenario: an admin browses the web using a standard token to
minimize risks. When they need to install software, UAC prompts them to use the
admin token.
Logon Process
• The logon process in a system with UAC determines how user gain access and
what permission they receive.
• It create access token that define a user’s permission for application and tasks
during a session.
Key Steps in Logon Process:
1. Access Token Creation:
• When a user logs in the system generate an access token containing:
➢User-specific security identifiers (SIDs)
➢Privileges assigned to the user.

• Standard User Token:

• Created for all users, including administrators.
• Grants basic access for daily tasks.
Key Steps in Logon Process:
• Admin Token:
• Created for administrators.
• Grants elevated privilege for critical system changes.

❑Example:-
• Standard user logs in to browse the web and check emails.
• The system assigns a standard user token, restricted actions like installing
software.
Key Steps in Logon Process:
2. Role-Based Access:
• Standard users:
➢ Can access files and run application but cannot modify system setting.
• Administrators:
➢Use a standard token by default for safety but can switch to the admin token
when required.
❑Example:-
• an administrator logs in and launch their email client
• The email client uses the standard token for security.
• To install a software update. The admin must switch to the elevated token.
Key Steps in Logon Process:
3. Elevation prompts:
• Consent prompt:
➢ If a program requests admin access, the user must approve it.
• Credential prompt:
➢ Standard users must provide an admin password to continue.
❑Example:- A user tries to install new software.
• UAC detects the action needs admin rights and prompts for consent or credentials.
• Benefits of The Logon Process:
• Separates daily tasks from admin actions, reducing accidental system changes
• Limits the impact of malware by running most applications with standard permissions,
The consent and credential prompts
• UAC uses consent and credential prompts to manage tasks requiring elevated
privileges.
• These prompts ensure that only authorized users or administrators can approve
critical changes to the system.
Consent prompt
• The consent prompt is shown when an administrator attempts to perform a task
requiring elevated privileges.

❑How it works:
• The system displays a message asking the admin to confirm or deny the action
• If the admin approves, the task proceeds.
• If denied. The action is blocked.
Consent prompt
❑Example:- Scenario : you try to install a new application as an admin.
• UAC shows a consent prompts asking: “Do you want to allow this app to make
changes to your device?”
• You click Yes to proceed or No to cancel.

❑Why is important:
• Prevents unauthorized programs from making changes without the admin’s
explicit approval.
• Reduce risks from accidental actions or malware.
Example
Credential prompt
• The credential prompt appears when a standard user tries to perform an action
requiring admin privileges.
• It requires the user to enter valid admin credentials (e.g username and
password).

❑How it works:
• The system displays a logon prompts asking for admin credentials.
• The user enters the credential to proceed.
• Without the credentials, the action is blocked.
Credential prompt
❑Example:- Scenario: A standard user attempts to change firewall settings.
• UAC displays a prompt asking for the admin’s username and password.
• The action is only allowed if the credentials are entered correctly.

❑Why is important:
• Prevents unauthorized users from making critical changes.
• Ensure tasks requiring elevated privileges are handled securely by trusted
individuals.
Example
Key d/f b/n Consent and Credential prompts
Prompt Type Who see it Action Require Purpose

Consent prompt Admin Users Approve of deny the Confirms that the admin
action authorizes the task .

Credential prompt Standard Users Enter Admin username Verifies admin credential
and password to allow access.
Advantages of Consent and Credential prompts:
• Prevents unauthorized actions by ensuring all changes are intentional.
• Reduce malware risks by alerting users before harmful actions occur.
• Enhances accountability by requiring users approval or credential for sensitive tasks.

❑Real-World Scenarios:
➢ Consent prompt:
• An administrator tries to disable the antivirus .
• UAC shows a yellow consent prompt. The admin clicks yes after reviewing the request.
➢ Credential prompts:
• A student using a shared school computer wants to install a new browser extension.
• UAC displays a red credential prompts, requiring the IT admin’s password.
• The action is blocked without the password.
CON’T
3. Color-Coded or elevation prompts:
• Both prompts are Color-coded to indicate the source and risk level of the action :
❑Green: Trusted system changes (e.g window updates).
❑Yellow: verified third-party apps (e.g software from a recognized vendor).
❑Red: unverified or potentially unsafe program (download from unknown
sources).
Here's how to turn UAC on or off in Windows 10 and later:

1. Type UAC in the search field on your taskbar.

2. Click change user account control setting in the search results.
3. Then do the following:
➢To turn UAC off, drag the slide down to Never notify and click ok.
➢To turn UAC on, drag the slider up to the desire level of security and click ok.
4. You maybe prompted to confirm your selection or enter an administrator
password.
5. Reboot your computer for the change to take effect.
Here's how to turn UAC on or off in Windows 10 and later:
Configure Security Policy Setting in window 10
• Configuring security policy setting ensures that an organization’s devices and
network are protected from unauthorized access and vulnerabilities,
• security policies manage user authentication, permissions and other critical
security aspects
What are security policy settings?
• Security policy setting are rules configured on a computer or group of devices to
control system behavior and protect recourses like file, applications and network
connections.
• These polices are often managed through tool like Local Group Policy Editor or
Group Policy Objects (GPOs) in active directory environment.
Key Features of Security Policy Settings
1. User Authentication
• Ensure only authorized user can access the system or network.
2. Access Control
• Define what recourse user can access and what action they can perform.
3. Event Logging
• Records actions performed by users for auditing and troubleshooting.
4. Device Configuration
• Manages system setting like password policies, account lockouts and network
security.
Types of Security Policies
1. Account Policies
➢ Control user account behavior, including
• Password policies: Require strong passwords and periodic updates.
• Account Lockout Policies: lock accounts after multiple failed login attempts.
• Kerberos Policies: used in domain environments to manage authentication
protocols.
❑Example:- Set a policy requiring user to create password with at least 8
characters, including a mix of letters, numbers and symbols
Types of Security Policies
2. Local Policies
➢ apply to individual devices , including:
• Audit Policy: Logs security events like successful or failed logins.
• User Rights Assignment: Specifies which users can perform specific actions (e.g
log in remotely, shut down the system).
• Security Options: Configures settings like blocking USB devices or renaming the
administrator account.
❑Example:- Enable auditing to track failed login attempts for potential hacking
attempts.
Types of Security Policies
3. Window Firewall with Advanced Security
• Configure network traffic rules to block unauthorized access and permit trusted communication.
❑Example:- Create a rule to block incoming traffic on non-secure ports while allowing HTTPS traffic.

4. Software restriction Policies

• Restricted or allow specific software applications based on their security certificates or file paths.
❑Example:- prevent unauthorized users from running scripts or executable files from USB drives.

5. Application Control Policies

• Specify which users or group can run particular applications.
❑Example:- allow only IT administrators to access system tools like PowerShell or task manager
How to Configure Security Policies Using Group Policy Editor

❑ Step 1: Open Local Group Policy Editor

➢ Press Window + R, type “gpedit.msc”, and press Enter.
❑ Step 2: Navigate to Security Settings
➢ Go to Computer Configuration ---> Windows Settings ---> Security Settings.
❑ Step 3: Edit Specific Policies
• Password Policies:
➢ Navigate to Account Policies ---> Password Policy and set rule like minimum password length, expiration
time, and complexity requirements.
• Account Lockout Policies:
➢ Go to Account Policies ---> Account Lockout Policy and configure setting like lockout duration and failed
attempt thresholds.
❑ Step 4: Save and Apply Changes
➢ Save the setting and restart the computer if necessary.
Real-World Examples
1. Protecting User Accounts:
• Configure a password policy requiring passwords to expire every 90 days and lock accounts after
failed attempts.
2. Securing Network Access:
• Use window firewall to block all incoming traffic except remote desktop connections on specific ip
ranges.
3. Preventing Unauthorized Software:
• Apply software restriction policies to block unknown applications downloaded from the internet.

❑Benefits of Security Policies Settings

• Improved Security: Protect against unauthorized access and malicious activities.
• Centralized Management : Enables administrators to manage security across multiple devices.
• Compliance: Helps organizations meet regulatory and industry security standards.
Using Appropriate Utilities to check Strength of Passwords and Their Complexity Rule
• Ensuring strong passwords is crucial for maintaining system security.
• Password strength and complexity rules help prevent unauthorized access to accounts and
sensitive data.
• Utilities and tools are used to access and enforce password policies to meet security standards.
What are password complexity rules:
• Password complexity rule define the requirements for creating a secure
password. This typically include:
1. Minimum Length: At least 8-12 characters.
2. Character Variety: combination of uppercase and lowercase letters, numbers,
and special character.
3. Prohibited Patterns: Avoiding dictionary words, sequential characters (e.g
“1234”), or using username with in the password.
Why use Password Strength Utilities?
1. Evaluate Password Security: Determine if a password is strong enough to resist hacking attempts.
2. Educate Users: Help users understand the importance of complex passwords.
3. Prevent Weak Passwords: block passwords that are easy to guess or appear in common password
lists.
❑Utilities to check password strength:
1. Comparitech password Strength Test:
• Measure password length, complexity and time needed to crack it .
• Detects commonly used passwords and warns users.
❑Example:- Enter “password123” in to the tool. It might report “This password can be cracked in 3
seconds.”
2. Last Pass: How secure is my password?
• Estimates how long it would take a hacker to crack a given password.
❑Example:- Input “mySecurePass@2023” and receive feedback “It would take many years to crack this
password.”
Best practices for Password Strength
Best practice guide users to create secure and memorable passwords that protect
against brute force attacks and phising.
Key Recommendations
1. Use Long passwords:
• Minimum of 12 characters.
• Longer passwords are harder to crack.
2. Include Complexity:
• Combine uppercase, lowercase, numbers and special characters.
• Avoid sequence or patterns (e.g “abcd1234”).
❑Example:- Use “W1nt3r@2024!” instead of “Winter2024”.
3. Avoid personal information:
• Don’t include birthday, names or common phrases.
❑Example:- Avoid “Jhon1985”.
Key Recommendations
4. Don’t Reuse Passwords:
• Unique passwords for every account reduce risk from breaches.
5. Passphrases:
• Crate passwords based on sentences or phrases for easier memorization.
❑Example:- “ILoveCoffee@Sunrise20241”.

❑Real-World Scenarios
• An organization enforces a policy requiring employees to use password like
“passw0rd!2023” instead of weak option like “password123.”
• Password strength tools flags “Summer2023” as weak and recommend
“S@fe#Summer23!” instead.
Password Strength Tools Checkers and Validation Tools
These tools analyze passwords to determine there strength based on predefined
complexity rules.
Key Tools
1. Comparitech Password Strength Test:
• Tests password against common lists and evaluates length and complexity.
• Provide educational feedback to improve weak passwords.
2. Thycotic Password Strength Checker:
• Identifies weak patterns, dictionary words and commonly used passwords.
❑Example:- Enter “Hello@123” and it suggests adding more characters and avoiding dictionary
terms.
3. Lastpass:
• Demonstrates how long it takes to crack a password using modern tools.
4. My1Login:
• Provides a detailed breakdown of potential weakness in passwords.
Why are Password Checkers Important?
• Educate users on strong password practices.
• Identify weak passwords before they are used.
• Encourage better compliances with organizational security policies
Identify Security Gaps
• Identify a security gaps involves finding vulnerabilities in your system that your system
that could allow unauthorized access, data breeches or other malicious activity.
• This process is critical for maintaining robust security and preventing potential exploits.
Key Steps in Identifying Security Gaps
1. Analyze Authentication Method:
• Check if current user authentication methods (e.g passwords, biometrics logins)
are secure and meet organizational policies.
❑Example:- If a system uses weak passwords without multi-factor authentication
(MFA), it’s a security gap.
2. Assess Access Controls:
• Ensure only authorized users can access sensitive resources.
• Review permissions regularly.
❑Example:- An old employee’s account still active on the system is a security gap.
Key Steps in Identifying Security Gaps
3. Check Software Updates:
• Outdated software or operating system often contain unpatched vulnerabilities.
❑Example:- using an outdated version of windows with known exploits creates a security gap.
4. Audit Event Log:
• Regularly check system logs for unusual activity like repeated login failures or unauthorized access
attempts.
❑Example:- A high number of failed login attempts could indicate a brute force attack.
5. Test Firewall and Network Security:
• Evaluate whether firewall and security rules effectively block unauthorizes traffic.
❑Example:- Allowing unrestricted access to all port is a significant gap.
6. Review Security Configurations:
• Verify that all devices and applications follow the organization’s policies.
Authenticating Users
• Authentication is the process of verifying that a user is who they claim to be.
• It ensures only legitimate users gain access to systems or data, making it critical
component of security.
Types of Authentication
1. Password-Based Authentication:
• Users provide a unique username and password to access a system.
❑Example:- Logging in to online banking account with a username or password.
2. Biometric Authentication:
• Verifies identity using unique physical characteristics like fingerprints, facial
recognition or iris scans.
❑Example:- Unlocking smart phone with a fingerprint scanner.
Types of Authentication
3. Multi-Factor Authentication (MFA):
• Combines two or more authentication factors:
➢ Something you know (password).
➢ Something you have (smart card, one-time code).
➢ Something you are (biometric).
❑Example:- Logging in to an email account with a password and a one-time code sent to your phone.
4. Smart Card Authentication:
• Using a physical card embedded with chips containing a user’s credentials.
❑Example:- Employees in secure facilities use smart cards to log into their workstations.
5. Third-Party Authentication:
• Relies on external providers (e.g Google, Microsoft) for authentication.
❑Example:- Logging in to a website using your Google account credentials.
Best Practice for Authentication
1. Enforcing Strong Password Policies:
• Require complex, unique passwords for all accounts.
❑Example:- Mandate at least 12 characters, including uppercase, lowercase, number and special
characters.
2. Implement Multi-Factor Authentication (MFA):
❑Example:- require a code from an authenticator app in addition to a password.
3. Use Biometrics or Smart Card Authentication:
❑Example:- replace password-only logins with fingerprint or smart card access for sensitive systems.
4. Regularly Review Authentication Logs:
❑Example:- Monitor for repeated failed login attempts, which could indicate a brute force attack.
5. Educate Users on Authentication Risks:
❑Example:- train employees not to share passwords or reuse them across platforms.
Real-World Scenarios
1. Identifying Security Gaps:
• A company finds that employees are reusing weak passwords across systems.
• Solution: Implement MFA and conduct regular password audits.
2. Authenticating Users:
• A school introduce biometrics authentication for teachers to access student
records, ensure only authorized personnel can view sensitive data
❑Importance of These Steps
• Security Gaps: Addressing them reduces vulnerability and strengthens system
defenses.
• Authentication: Ensures only verified users access critical recourses, minimizing
the risk of data breaches.
Chapter Two
Detect and remove destructive software
Detect and remove destructive software
This unit focuses on identifying, managing and removing harmful software
(malware) to ensure the security and functionality of computer systems.
What Is Destructive Software?
• Destructive Software, often referred to as malware (malicious software), is any
program or code intentionally designed to cause harm, steal data or disrupt the
normal operations of a computer system, network or application.
Characteristics of Destructive Software
1. Hostile: Designed to infiltrate systems without user consent.
2. Intrusive: Often hidden within legitimate software or files.
3. Varied Impact: Can corrupt files, steal sensitive data, slow down systems or even render them
unusable.

❑How Does Destructive Software Work?

1. Infiltration:
• Often delivered via email attachments, malicious downloads or infected devices.
2. Execution:
• once activated, it performs its intended harmful tasks, like corrupting files or stealing data.
3. Propagation:
• Spreads through networks, external devices or user interactions.
Why Is Destructive Software Dangerous?
1. Data Loss: Deletes or encrypt files, making them inaccessible.
2. Privacy Breach: Steals personal or financial data, leading to identity theft.
3. System Disruption: Slow down or crashes systems, causing operational delays.
4. Financial Loss: Companies may pay ransoms, face legal penalties or incur
recovery costs.

❑Importance of Detecting and Removing Destructive Software:

1. Protect Data Integrity: Ensures sensitive information remains secure.
2. Maintain System Performance: Prevents crashes and slowdowns caused by
malware.
3. Prevent Financial and Reputational Loss: safeguards organizations from costly
breaches and damaged trust.
The Common Types of Destructive Software
Destructive Software or malware come in various forms, each with unique
characteristics and purposes,
The Common Types of Destructive Software
1. Virus:
• A piece of malicious code that attaches itself to a host (file, program or system)
and replicates when execute.
• Can corrupt files, delete data or slow system performance.
❑Example:- A word document infected with a virus spreads to other documents
when opened.
2. Worm:
• Self-replicating malware that spreads across network without needing a host file.
• Consumes bandwidth and disrupt network operation.
❑Example:- A worm infects all computer in a company’s network, causing
slowdown and crushes.
The Common Types of Destructive Software
3. Trojan Horse:
• Disguised as legitimate software but executes harmful tasks in the background.
• Often used to open backdoors for attackers.
❑Example:- A fake video player installs spyware on a device. Or A fake antivirus
program tricks users into installing it, then steals personal information.

4. Spyware:
• Collect user data (e.g browsing habits, keystrokes) without consent.
• Often used for identify theft or targeted advertising.
❑Example:- A malicious browser plugin records login credentials.
The Common Types of Destructive Software
5. Adware:
• Displays intrusive advertisements and redirects users to malicious websites.
• Slow down systems and compromises user privacy.
❑Example:- Pop-up ads appear every time you open a browser, redirecting you to
spammy sites.

6. Ransomware:
• Encrypts files and demands payment to restore access.
• Targets businesses, hospitals and individual.
❑Example:- A ransomware attack locks a company’s file and demands $10,000 in
bitcoin for decryption.
The Common Types of Destructive Software
7. Keylogger:
• Monitors and records keystrokes to steal sensitive information like
passwords or credit card details.
❑Example:- A keylogger captures login credential for an online banking
account.

8. Rootkit:
• Provides attackers with administrative control over a system, often hiding
its presence.
❑Example:- A rootkit disable antivirus programs and allows attackers to
steal data undetected.
The Common Types of Destructive Software
9. Logic Bomb:
• Malicious code triggered by specific conditions, like a data or user
action.
• Can delete files, crash systems or display messages.
❑Example:- A logic bomb is programmed to delete data on a specific
employee’s termination date.
Virus Origin, History and Evolution
The development of computer viruses parallels the evolution of technology,
starting as experiments and progressing to sophisticated tools for harm.
Early History
1. 1940s – 1960s: Conceptual Beginnings
• Mathematician John von Neumann proposed the idea of Self-replicating
automata, laying the foundation for viruses
2. 1971: The creeper Program
• The first recognized virus, created by Bob Thomas, replied across
networked computers.
• It was harmless, displaying the message: “I’m the creeper, catch me if you
can!”
3. 1974: Rabbit Virus
• The first virus designed with malicious intent, it replicated excessively,
slowing systems to a halt.
The Rise of Malicious Viruses
1. 1975: The First Trojan Horse
• Created by John Walker, the Trojan disguised itself as a game but secretly copied
itself to all directories on the host system.

2. 1986: Brain Boot Virus

• Developed by Basit and Amjad Farooq.
• Targeted floppy disk, altering their boot sectors.
Modern Evolution
1. 1980s – 1990s: proliferation
• Early viruses spread via floppy disks and later email attachment as the
internet become widespread.
❑Example:-
➢Melissa Virus (1991): Spread through infected word documents sent via
email.

2. 2000s: Worms and Ransomware

• Worms like Code Red (2001) and Nimda (2001) spread rapidly over
networks.
• Ransomware emerged as a significant threat, encrypting files and
demanding payment
Modern Evolution
3. 2010s: Advanced Threats
• Stuxnet (2010): A sophisticated worm used in cyber warfare to sabotage Iran’s
nuclear program.
• Wannacry (2017): A global ransomware attack affecting hundreds of thousands
of computers.
Key Trends In Virus Evolution
• Increased Sophistication: Modern malware is harder to detect and
remove.
• Economic Impact: Ransomware has become a lucrative criminal enterprise.
• Cyber Warfare: Viruses are now tools for nation-states in conflicts.

❑Conclusion:
• Understanding the history and types of destructive software helps
organizations prepare for and defend against threats.
• From early harmless experiments to today’s sophisticated cyber threats,
malware continues to evolve alongside technology.
Types of Viruses
1. File Infecting Virus
• Attaches itself to executable file and activates when the file is opened or run.
• Can delete or corrupt files and program.
❑Example:- A file infecting virus hides in a game installer, when the game is
opened, the virus spreads to other executable files.

2. Boot Sector Virus

• Infects the boot sector of storage devices (e.g hard drive, USB drive).
• Activates when the system boot, often making the computer unbootable.
❑Example:- A boot sector virus spreads via an infected USB drive, once inserted, it
corrupts the computer’s startup process.
Types of Viruses
3. Macro Virus
• Targets applications that use macros, like Microsoft Office.
• Embedded in documents, it executes harmful actions when the file is
opened.
❑Example:- An infected Excel file runs a macro that deletes important data
from the user’s drive.

4. Polymorphic Virus.
• Changes its code or appearance each time it replicates, making it difficult
to detect.
❑Example:- A polymorphic virus mutates with each infection, bypassing
traditional antivirus programs.
Types of Viruses
5. Resident Virus
• Installs itself in the system’s memory and stays active even after the
infected application is closed.
❑Example:- A resident virus infects a computer’s memory, allowing it
corrupt files opened by the user.

6. Multipartite Virus
• Combines characteristics of multiple viruses, attacking both boot sector
and file.
❑Example:- A multipartite virus infects the boot sector, causing startup
issues and spreads to application files to corrupt them.
Types of Viruses
7. Overwriting Virus
• Overwriting files and data, rendering them unusable, recovery of the
original file is often impossible.
❑Example:- An overwriting virus deletes the contents of text file, leaving
them empty.

8. Worms (Self-Replicating Virus)

• While technically not a virus, worms replicate and spread independently
across networks.
❑Example:- A worm floods a company’s email system, causing slowdowns.
Types of Viruses
9. Stealth Virus
• Conceals itself from antivirus programs by masking its presence.
❑Example:- A stealth virus intercepts antivirus scans and hides in encrypted form.

10. Logic Bomb

• Lies dormant until triggered by a specific condition, like a date or system event.
❑Example:- A logic bomb delete files on a predetermined date, such as April 1st
Virus Infection, Removal and Prevention
.
Virus Infection
1. Email Attachments:
• Infected files sent via email that execute when opened.
❑Example:- A phishing email contains a word document with a macro virus.
2. Infected Websites:
• Malware embedded in websites infects users when they visit the site.
❑Example:- Clicking on a pop-up ad leads to a virus download.
3. USB Drives:
• Viruses spread through external storage devices.
❑Example:- A boot sector virus infects a computer when an infected USB
drive in inserted.
Virus Infection
4. Software Downloads:
• Viruses are hidden in pirated or unverified software.
❑Example:- A file infecting virus is bundled with a cracked game installer.

5. Network Exploits:
• Worms and viruses exploit vulnerabilities in networks to spread.
❑Example:- A worm spreads across a company’s network, infecting all connected
devices.
Virus Infection Symptoms
Viruses can affect computer systems in various ways, recognizing the symptoms
early is crucial for minimizing damage and removing the virus effectively.
Common Symptoms of Virus Infections
1. Slow Systems Performance:
• The computer becomes sluggish or unresponsive due to excessive recourses usage by the
virus.
❑Example:- Applications take much longer to open or crash frequently.
2. Frequent Crashes or Errors:
• The system crashes unexpectedly or displays error messages.
❑Example:- The infamous “blue screen of death” (BSOD) appears frequently on infected
Windows systems.
3. Unusual Pop-Ups:
• Random ads or alerts appear, often redirecting to suspicious websites.
❑Example:- Pop-ups promoting fake antivirus software.
Common Symptoms of Virus Infections
4. Unauthorized Changes:
• Files are deleted, rename or appear without user action.
❑Example:- Important document disappear or unknown shortcut are created on
the desktop.
5. High Network Activity:
• Unusually high internet or network usage occurs, often caused by a worm or
spyware.
❑Example:- Your data usage spikes despite minimal online activity.
6. Disable Security Features:
• Antivirus programs or firewall are turned off without user consent.
❑Example:- The antivirus program cannot be reopened or updated.
Common Symptoms of Virus Infections
7. Strange Emails or Messages Sent Automatically:
• Your email account sends spam or phishing messages without your knowledge.
❑example:- Friend or coworkers report receiving suspicious emails from your
address.

8. Unusual Disk Activity:

• The hard drive or SSD operates excessively even when the system is idle.
❑Example:- The drive light keeps blinking, indicating continuous read/write activity
Common Symptoms of Virus Infections
9. Inaccessible Files:
• Files become encrypted or corrupted, as seen with ransomware infections.
❑Example:- A ransom note replace your document files.

10. Unexpected System Behavior:

• Programs open or closed on their own and input devices behave erratically.
❑Example:- The mouse cursor moves without user input.
Preventing Viruses
Prevention is the best approach to protect systems from viruses, employing robust
security practices and tools can minimize risks significantly.
Key Virus Prevention Strategies
1. Use Antivirus Software:
• Install and regularly update a reputable antivirus program to detect and block threats.
❑Example Tools: Norton, McAfee, Kaspersky, Malwarebytes.
2. Enable Firewalls:
• Use built-in or third-party firewalls to monitor and control incoming and outgoing network traffic.
❑Example:- Enable Windows firewall to block unauthorized access.
3. Update Software Regularly:
• Keep operating systems, applications and security software up-to-date to patch vulnerabilities.
❑Example:- Apply the latest windows or MacOS updates as soon as they’re available.
Key Virus Prevention Strategies
4. Avoid Suspicious Links and Attachments:
• Don’t click unknown links or download attachments from untrusted sources.
❑Example:- Delete phishing emails asking for personal or financial information.
5. Educate User:
• Train individuals to recognize potential threats, such as phishing emails or fake downloads.
❑Example:- Warn employees about downloading unverified software from the internet.
6. Use Strong Password:
• Set unique, complex passwords for accounts and devices to reduce the risk of unauthorized
access.
❑Example:- Use a password manager to generate and store strong passwords.
Key Virus Prevention Strategies
7. Implement Multi-Factor Authentication (MFA):
• Add on additional layer of security, like one-time codes or biometrics.
❑Example:- Require both a password and a fingerprint to access sensitive accounts.
8. Restrict User Privileges:
• Grant administrative privileges only to trusted users and limit permissions for others.
❑Example:- Ensure Standard users cannot install software or access critical files.
9. Scan External Devices:
• Check USB devices, external hard drives or CDs for malware before accessing their contents.
❑Example:- Enable automatic scanning for removable drives in your antivirus software.
Key Virus Prevention Strategies
10. Backup Important Data:
• Regularly back up files to secure location to mitigate the effects of ransomware or other
attack.
❑Example:- Use cloud storage or external drives for daily or weekly backups.
11. Browse Safely:
• Avoid visiting suspicious websites or downloading content from unreliable sources.
❑Example:- Use browser extensions, like ad blockers or URL checkers.
12. Disable Autorun for External Devices:
• Prevent malware from executing automatically when a USB drive or CD is inserted.
❑Example:- Configure the system to require manual approval for autorun files.
Real-World Scenario
• Virus Infection Symptom: A company notices unauthorized mass emails being
sent from employee accounts.
• Prevention Strategy: IT implement MFA, updates all antivirus software, and trains
employees to recognize phishing emails.

❑Why Prevention Is Crucial?

• Reduce Risks: Minimize the chance of infection and data breaches.
• Save Costs: Prevents financial losses from ransomware or system downtime.
• Protects Reputation: Ensures customers trust by maintaining secure systems.
Selecting and Installing Virus Protection and Scheduling Scans
To maintain robust system security, it is essential to choose the right antivirus
software, install it correctly and schedule regular scan. This ensures ongoing
protection from malware threats.
Installing Virus Protection
Installing virus protection or antivirus software is used to prevent, detect, and
remove malware.
Steps to Install Antivirus Software
1. Select Reliable Antivirus Software:
• Choose software based on your needs, such as:
➢Individual Users: lightweight, user-friendly solution (e.g Microsoft Defender, Avast, AVG).
➢Businesses: Enterprise-grade tools with centralized management (e.g McAfee Endpoint,
Symantec).
2. Check System Requirements:
• Ensure the antivirus software is compatible with your operating system and hardware.
3. Download the Software:
• Visit the official websites or authorized store to download the antivirus installer.
• Avoid downloading from suspicious sites to prevent malware.
Steps to Install Antivirus Software
4. Ran the Installer:
• Double-click the downloaded file to start the installation process.
• Follow the on-screen instructions, such as agreeing to terms and selecting
installation preferences.
5. Configure Initial Settings:
• Enable real-time protection and firewall features if available.
• Choose automatic updates to keep virus definitions current.
6. Activate the Software:
• Enter the activation key (if required) to unlock full features.
• Sign in with your account for cloud-based features or subscription management.
Steps to Install Antivirus Software
7. Run an Initial Scan:
• Perform a full system scan after installation to detect and remove any existing
threats.

❑Example Installation with Microsoft Defender:

• Step 1: Ensure Microsoft Defender is enabled on Windows.
• Step 2: Go to Settings --> Privacy & Security --> Windows Security.
• Step 3: Click open Windows Security. Then navigate to Virus & Threat
Protection.
• Step 4: Verify real-time protection is turned on.
Schedule a Scan in Microsoft Defender Antivirus
Regularly scheduled scans helps identify and remove threats that might have been
missed during real-time protection.
Steps to Schedule a Scan in Microsoft Defender
1. In the search box on your taskbar, enter Task Scheduler and open the app.

2. In the left pane, expand Task Scheduler Library --> Microsoft --> Windows, and
then scroll down and select the Windows Defender folder.

3. In the top center pane, double-click Windows Defender Scheduled Scan.

Steps to Schedule a Scan in Microsoft Defender
Steps to Schedule a Scan in Microsoft Defender
4. In the Windows Defender Schedule Scan Properties (Local Computer) window,
select the Triggers tab, go to the bottom of the window, and then select New.
5. Specify how often you want scan to run and when you’d like them start.
Chapter Three
How to Identify and taking action to stop spam
How to Identify and taking action to stop spam
• This unit focus on understanding spam, it’s various types and effective strategies
to prevent or stop spam.
What Is Spam?
• Spam refers to unwanted, unsolicited or irrelevant messages sent over the
internet. Typically via email, but also through messaging apps, social media or
websites.
• Often used for advertising, phishing or spreading malware.
• Sent in bulk to large number of recipients, often without their consent.

❑Key Characteristics of Spam

1. Unsolicited: Sent without the recipient’s permission.
2. Mass-Distributed: Sent to many users at once.
3. Irrelevant Content: Often include ads, scams or promotion.
4. Potentially Harmful: May contain malicious links or attachments.
Examples of Spam
• Email Spam: Messages promoting fake lottery wins or low-cost loans.
• Social Media Spam: Comments with suspicious links on posts.
• SMS Spam: Texts offering unverified services or claiming fake rewards.
Types of Spam
• Spam comes in various forms, targeting users through different channel.
Types of Spam
1. Email Spam:
• Unwanted email sent to promote products, services or scams.
❑Example:- An email claiming, “You’ve won $1,000,000!” with a link to claim the prize.
2. Phishing Spam:
• Designed to steal sensitive information like usernames, password or credit card details.
❑Example:- An email impersonating a bank asking you to verify your account by clicking a link.
3. SMS Spam (Text Spam)
• Unsolicited promotional or scam messages sent via SMS.
❑Example:- A text offering a free gift but requiring payment for shipping.
Types of Spam
4. Social Media Spam:
• Irrelevant comments, fake profile or direct messages promoting scams or harmful links.
❑Example:- A bot account posting a spam links under popular tweets or posts.
5. SEO Posts:
• Exploits websites by inserting irrelevant keywords, links or ads to manipulate search engine
ranking.
❑Example:- A hacked website showing ads for unrelated products like prescription drugs.
6. Malicious Spam (Malspam)
• Spam containing harmful links or attachment that install malware.
❑Example:- An email with an attachment claiming to be an invoice but containing a virus.
How Can I Stop Spam?
• Spam can be effectively managed or stopped using a combination of tools,
practices and awareness.
Best Practice to Stop Spam
1. Use Spam Filters
• Enable spam filters on your email service to block unwanted messages.
❑Example:- Gmail’s spam filter automatically moves suspicious emails to the spam folder.
2. Don’t Share Your Email Publicity
• Avoid sharing your email address on public platform or websites.
❑Example:- Use a contact form instead of displaying your email on your website.
3. Report Spam:
• Use the “Report Spam” or “Block” options in email clients or social media.
❑Example:- Mark unwanted emails in Gmail as spam to prevent future messages.
4. Enable Two-Factor Authentication (2FA)
• Protect your account from phishing attempts by enabling 2FA.
❑Example:- Use a one-time code sent to your phone in addition to your password.
Best Practice to Stop Spam
5. Avoid Clicking Unknown Links
• Don’t click links in unsolicited emails or messages.
❑Example:- Delete emails from unknown senders with suspicious links.
6. Use Secondary Email
• Create a separate email address for online registration or subscription.
❑Example:- Use a temporary email for signing up for free trials.
7. Educate Yourself and Others
• Learn to recognize spam and phishing attempts.
❑Example:- Verify sender email addresses and avoid emails with grammatical errors.
8. Keep Software Updated
• Regularly update email clients and security software to protect against malspam.
❑Example:- Install updates for your antivirus and operating system.
Tools to Stop Spam
1. Email Spam Filters:
❑Example:- Gmail, Outlook, Yahoo Mail.
2. Antivirus Software: Detects and blocks spam containing malware.
❑Example:- Norton, McAfee, Malwarebytes.
3. Browser Extensions: Block spam ads and phishing attempts.
❑Example:- uBlock Origin, Adblock Plus.

❑Example Scenario
• Problem: A user receives daily phishing emails pretending to be form their bank.
• Solution: The user reports the email as spam, enables 2FA on their bank account and
avoids clicking on suspicious links.
Configuring and Using Spam Filters
• Spam filters are essential tools for managing and reducing unwanted messages
in email system.
• They automatically identify and block spam, ensuring your inbox remains clean
and secure.
What is a Spam Filter?
• A spam filter is a program or feature that examines incoming messages, identifies
spam and prevent it from reaching your inbox.
• Purpose: To protect users from spam, phishing attempts and malicious messages.

❑How it Works:
• Filter scan message content, sender information, attachments and links.
• Messages are categorized as span or legitimate based on predefined rule or
machine learning algorithms.
Key Feature of Spam Filters
1. Keyword Scanning: Flags messages containing suspicious words (e.g “free
money ” or “lottery”).
2. Blacklist Checking: Blocks messages from known spammers or flagged IP
addresses.
3. Attachment Scanning: Detect harmful files, such as viruses or malware.

❑Example of Spam Filters Action:

• A phishing email pretending to be from your bank is flagged as spam because the
sender’s address doesn’t match official bank domains.
Email Spam
What Are the Different Types of Spam Filters?
• Spam filters use various methods to identify and block unwanted messages.
What Are the Different Types of Spam Filters?
1. Content-Based Filters
• Analyze the content of an email for spam-like characteristics.
• Looks for keywords, phrases and suspicious formatting.
❑Example:- An email with “Win $1,000,000 now!” in the subject line is flagged.
2. Blacklist Filters
• Block emails from known spam IP addresses or domains listed on a blacklist.
• Regularly updated to include new spammers.
❑Example:- Emails from a flagged domain, such as “spammy-site.com” are automatically blocked.
3. Whitelist Filters
• Allow emails only from approved senders or domains.
• Users manually add trusted addresses to the whitelist.
❑Example:- Emails from [email protected] always reach the inbox.
What Are the Different Types of Spam Filters?
4. Header Filters
• Examine the email header for irregularities, such as fake sender addresses or altered metadata.
❑Example:- An email claiming to from your bank but originating from a foreign server is flagged.
5. Bayesian Filters
• Use machine learning to classify messages based on statistical analysis of past emails.
• Learns what users consider spam or legitimate over time.
❑Example:- If you frequently mark emails with “Free trials” as spam, the filter learns to block
similar messages.
6. Rule-Based Filters
• Apply user-defined rules to block or allow emails based on specific conditions.
• Conditions include sender, subject or keywords.
❑Example:- You create a rule to move emails containing “discount” directly to the spam folder.
What Are the Different Types of Spam Filters?
7. Heuristic Filters
• Use algorithms to assign a spam score based on suspicious patterns in the message.
• Messages exceeding a threshold score are marked as spam.
❑Example:- An email with poor grammar, suspicious links and a fake sender is flagged.
8. Challenge-Response Filters
• Require unknown senders to complete a verification step (e.g solving a CAPTCHA).
• Blocks bots and automated spam emails.
❑Example:- A first-time senders must verify their identity before the email is delivered.
Example:
How to Configure Spam Filters
• Step 1: Enable Filtering in Your Email Client
➢ Gmail: Go to Settings --> Filters and Blocked Addresses--> Create a New Filter.
➢ Outlook: Go to Sitting --> Junk Email --> Block or Allow.
• Step 2: Customize the Filter
• Add known spammers to the blacklist.
• Whitelist trusted senders to ensure their messages are not flagged.
• Step 3: Adjust Sensitivity
• Set spam filter sensitivity to block more spam or allow borderline messages.
• Step 4: Review the Spam Folder Regularly
• Check the spam folder for legitimate emails misclassified as spam.
Benefit of Spam Filters
1. Protects Against Phishing: Blocks emails attempting to steal sensitive
information.
2. Prevents Malware: Flags harmful attachments or links.
3. Save Time: Reduce clutter by keeping spam out of the inbox.
Chapter Four
Perform workplace duties following written notices
Perform workplace duties following written notices

• This unit focuses on how to effectively receive, interpret and follow instructions
in a workplace setting as well as understanding written sources of information
commonly used in the workplace.
Receiving and Following Instructions
❑ Key Point:
1. Importance of Following Instructions:
• Ensure tasks are completed accurately and efficiently.
• Maintains workplace safety and professionalism.
2. Steps to Receive Instructions:
• Listen Carefully: Pay attention to verbal or written instructions without distractions.
• Clarify Doubts: Ask questions if instructions are unclear.
• Take Notes: Write down Key points to avoid forgetting details.
• Acknowledge Instructions: Confirm that you understand by summarizing them.
3. Following Instructions:
• Break the task into smaller steps if it’s complex.
• Prioritize tasks based on urgency or deadlines.
• Refer back to written instructions or guideline as needed.
Examples of Following Instructions:
❑Scenario: Your manager emails you instructions to update a client database.
• You carefully read the email, take notes on key steps and clarify unclear points.
• Then, you update the database following the exact steps provided.

❑Challenges and Solutions:

• Challenge: Misunderstanding instructions.
• Solution: Repeat the instructions back to confirm accuracy.
• Challenge: Forgetting details.
• Solution: Use written notes or checklists.
Written Information Sources
• Written sources of information are critical in the workplace for communication,
task delegation and maintaining records.
• Understanding and using these sources effectively ensures clarity and
accountability.
Types of Written Information Sources:
1. Policies and Procedures:
• Describe organizational rule and guidelines for performing tasks.
❑Example:- Employees handbooks, safety procedures or IT policies.
2. Emails and Memos:
• Used for day-to-day communication and task delegation.
❑Example:- A supervisor sends an email outlining tasks for the week.
3. Report:
• Provide detailed information on specific projects, operations or results.
❑Example:-A financial reports summarizing quarterly revenue.
4. Work Orders:
• Documents instructing workers on tasks, including deadlines and required tools.
❑Example:- A maintenance team receives a work order to repair equipment.
Types of Written Information Sources:
5. Schedule and Timelines:
• Outline timelines and deadlines for tasks or projects.
❑Example:- A week shift schedule for employees.
6. Notices and Announcements:
• Convey important updates or events.
❑Example:- A notice announcing an upcoming team meeting.
7. Instruction Manuals:
• Provide step-by-step guidance on using tools, equipment or software.
❑Example:- A manual explaining how to operate a machine in a factory.
How to Use Written Information Effectively:
1. Read Carefully:
• Avoid skimming to ensure you don’t miss key details.
2. Highlight Key Points:
• Mark important information like deadlines, instructions or warnings.
3. Organize Information:
• Use folders, labels or digital tools to categorize documents for quick reference.
4. Follow Up:
• Confirm with your manager or team if there are update or clarifications needed.
Examples of Using Written Sources:
❑Scenario: You receive a work order to complete a project by Friday, along with a
list of tools needed.
• You review the work order, highlight the deadline, gather the required tools and
complete the task on time.

❑Importance of Following Written Instructions:

• Ensures Accuracy: Minimize errors by providing clear guidelines.
• Enhances Accountability: Written records help track responsibilities and
progress.
• Save Time: Reduces confusion and the need for repeated explanations.