Free Ebook cover Cybersecurity Fundamentals for Absolute Beginners

Cybersecurity Fundamentals for Absolute Beginners

New course

14 pages
All courses > Information Technology > Cyber Security ::

Device and Network Basics: Updates, Wi‑Fi, and Simple Hygiene

Capítulo 11

Estimated reading time: 15 minutes

+ Exercise

What “device and network basics” means in practice

Most beginner-friendly security wins come from a small set of habits that reduce easy opportunities for attackers: keeping devices updated, using Wi‑Fi safely, and practicing simple “hygiene” (small routine checks and settings that prevent common problems). This chapter focuses on the parts you can control on your own devices and home networks without needing advanced tools.

Think of your setup as layers: your device (phone, laptop, tablet), your router/Wi‑Fi, and the services you connect to. If any layer is neglected—like an outdated phone, a router with old firmware, or a shared Wi‑Fi password—attackers may not need sophisticated tricks. They can rely on known weaknesses, misconfigurations, or careless sharing.

Updates: the simplest high-impact defense

An “update” is a package of changes that fixes bugs, improves performance, and often patches security vulnerabilities. A security vulnerability is a mistake in software that can be abused to do something the software’s owner did not intend—like reading data, running code, or bypassing protections. When a vulnerability becomes publicly known, attackers can build or reuse tools to exploit it. Updates close those holes.

Why updates matter even if you “don’t do anything risky”

Many attacks do not require you to click anything. Some target devices through network services, browser components, document viewers, or messaging features. If your device is behind on updates, it may contain known weaknesses that are already documented and actively exploited. Updating reduces the number of known “open doors.”

What to update (it’s more than the operating system)

  • Operating system (OS): Windows, macOS, iOS, Android, Linux.
  • Apps: Browsers, messaging apps, office apps, PDF readers, password managers, banking apps.
  • Browser components: Browsers update frequently because they handle untrusted content from the internet.
  • Router firmware: The router is a small computer. It needs updates too.
  • Device firmware: Some devices (laptops, phones, smart TVs) receive firmware updates that fix low-level issues.

Update types you’ll see

  • Security updates: Focused on fixing vulnerabilities; often urgent.
  • Feature updates: Add or change capabilities; can also include security improvements.
  • Firmware updates: For hardware components (router, BIOS/UEFI, modem, IoT devices).

Practical steps: set up updates on common devices

The goal is to make updates automatic where possible and predictable where not. You want fewer “I’ll do it later” moments.

Continue in our app.

You can listen to the audiobook with the screen off, receive a free certificate for this course, and also have access to 5,000 other free online courses.

Or continue reading below...
Download App

Download the app

Step-by-step: Windows (general approach)

  • Open system settings and find the update section (commonly “Windows Update”).
  • Turn on automatic updates if available.
  • Click “Check for updates” and install what’s offered.
  • Schedule active hours so restarts happen when you’re not working.
  • Enable updates for other Microsoft products if you use them (Office, etc.).

Practical habit: once a week, manually check for updates even if automatic updates are on. This catches cases where updates paused due to a restart requirement.

Step-by-step: macOS (general approach)

  • Open system settings and locate software update.
  • Enable automatic updates and automatic security responses if offered.
  • Install updates and restart when prompted.
  • Update apps through the official app store or the app’s built-in updater.

Step-by-step: iPhone/iPad (iOS/iPadOS)

  • Open Settings and locate Software Update.
  • Turn on Automatic Updates (download and install).
  • Keep enough free storage so updates can download.
  • Update apps via the App Store (enable automatic app updates).

Step-by-step: Android

  • Open Settings and search for “System update” or “Software update.”
  • Install OS updates and security patches when available.
  • Enable automatic app updates in the Google Play Store.
  • Check for updates for major apps (browser, messaging) if you disabled auto-update.

Important reality: some Android devices stop receiving updates earlier than others. If your device no longer receives security patches, treat it as higher risk and consider upgrading when possible.

Step-by-step: Browser updates (all platforms)

  • Use a modern, supported browser.
  • Ensure it updates automatically.
  • Restart the browser occasionally; many updates apply only after a restart.

Practical example: if you leave your laptop running for weeks and never restart your browser, you may be “stuck” on an older version even though the update downloaded.

Router firmware updates: often forgotten, often important

Your router sits between your devices and the internet. If it’s outdated or misconfigured, it can expose your entire home network. Router vulnerabilities can allow attackers to change DNS settings, open remote access, or join your router to a botnet.

Step-by-step: update a home router (generic process)

  • Find the router model name and hardware version (often on a label).
  • Log in to the router’s admin interface (usually via a local address like 192.168.0.1 or 192.168.1.1).
  • Locate “Firmware Update” or “Administration” settings.
  • Check for updates and install them.
  • Reboot the router if required.
  • Verify the firmware version changed after the update.

Safety note: only use firmware from the router manufacturer or your ISP’s official update mechanism. Avoid random download sites.

Update timing: when to update immediately vs. when to wait

  • Update immediately: security updates, browser updates, router firmware updates, and anything labeled “critical.”
  • Consider waiting briefly: major feature upgrades on a work-critical device, especially if you rely on specialized software. Waiting a few days can reduce the chance of early bugs, but do not postpone security patches for long.

Wi‑Fi basics: what your router is really doing

Wi‑Fi is the wireless connection between your device and your router. The router then connects to the internet through your modem or built-in modem. Wi‑Fi security is about preventing nearby people (or anyone who gets the password) from joining your network, and preventing outsiders from managing your router.

Key Wi‑Fi terms you should recognize

  • SSID: the Wi‑Fi network name you see in the list.
  • Encryption/security mode: how the Wi‑Fi connection is protected (WPA2, WPA3, etc.).
  • Passphrase: the Wi‑Fi password.
  • Router admin password: the password to change router settings (not the same as Wi‑Fi password).
  • 2.4 GHz vs 5 GHz (and 6 GHz): frequency bands; 5/6 GHz are often faster and less crowded but shorter range.

Choose the right Wi‑Fi security mode

Modern Wi‑Fi security modes include WPA2 and WPA3. Older modes like WEP are insecure and should not be used. If your router supports WPA3, use it. If you have older devices that cannot connect to WPA3, use WPA2 (AES) rather than mixed or legacy modes when possible.

Step-by-step: secure a home Wi‑Fi network

These steps are written generically because router interfaces differ, but the concepts are consistent.

  • 1) Change the router admin password: Log in to the router admin page and set a strong, unique admin password. This prevents someone on your network (or sometimes from outside, if remote management is enabled) from taking over the router.
  • 2) Set Wi‑Fi encryption to WPA3 (or WPA2-AES): In wireless settings, choose WPA3-Personal if available. If not, choose WPA2-Personal with AES. Avoid WEP and avoid WPA/WPA2 mixed modes if you can.
  • 3) Use a long Wi‑Fi passphrase: A good Wi‑Fi password is long and not guessable. Length matters more than complexity. Example pattern: a random phrase with 4–6 unrelated words plus numbers, or a password manager-generated string.
  • 4) Disable WPS (Wi‑Fi Protected Setup): WPS is designed for convenience (push-button or PIN), but it has a history of weaknesses and is often unnecessary. Turn it off unless you truly need it.
  • 5) Update router firmware: Do this before and after changing settings if you haven’t updated in a long time.
  • 6) Review remote management settings: If the router offers “Remote Management,” “Web Access from WAN,” or similar, disable it unless you have a specific need and understand how it’s secured.
  • 7) Create a guest network: Use a guest Wi‑Fi for visitors and for devices you don’t fully trust. Ideally, configure it so guests cannot access your main devices (client isolation).

Guest networks and why they matter

A guest network is a separate Wi‑Fi network that limits what connected devices can reach. This helps in two common situations: visitors’ phones/laptops and “smart” devices (TVs, speakers, plugs) that may not receive updates reliably. If a guest device is infected or poorly secured, separation reduces the chance it can scan or access your main computers.

Practical example: you host a gathering and share your Wi‑Fi. If you share your main Wi‑Fi password, you may later forget who has it. With a guest network, you can change the guest password after the event without disrupting your own devices.

Public Wi‑Fi: what to do differently

Public Wi‑Fi (cafes, airports, hotels) is convenient but less predictable. You don’t control who else is connected, how the network is configured, or whether the access point is legitimate. Your goal is to reduce exposure and ensure your traffic is protected.

Step-by-step: safer use of public Wi‑Fi

  • 1) Confirm the network name with staff: Attackers can create lookalike networks (for example, “CoffeeShop_Free”).
  • 2) Turn off auto-join for open networks: Configure your device not to automatically connect to any available Wi‑Fi.
  • 3) Prefer HTTPS sites and modern apps: Most reputable sites use HTTPS by default; avoid entering sensitive data on sites that show warnings.
  • 4) Use a trusted VPN if you have one: A VPN can protect traffic from local eavesdropping on the Wi‑Fi network. It does not make unsafe sites safe, but it reduces what others on the same Wi‑Fi can see.
  • 5) Avoid sensitive actions when possible: For example, changing account recovery settings or handling large financial transfers on public Wi‑Fi. If you must, use your phone’s cellular hotspot instead.
  • 6) Enable your device firewall (laptops): Ensure the network is marked “Public” on Windows so sharing is restricted.
  • 7) Turn off sharing features: Disable file sharing, AirDrop receiving from everyone, and similar discovery features when in public places.

Hotspots: a practical alternative

Your phone’s personal hotspot uses cellular data and creates a small Wi‑Fi network you control. It’s often safer than unknown public Wi‑Fi. Use a strong hotspot password and turn the hotspot off when not in use.

Simple device hygiene: small routines that prevent big problems

“Hygiene” means routine care: keeping settings sensible, reducing unnecessary exposure, and noticing early warning signs. These steps don’t require advanced knowledge, but they reduce the odds that a small issue becomes a serious incident.

Lock screens and automatic locking

If someone can physically access your unlocked device, many other protections become irrelevant. Use a lock screen and set a short auto-lock timer.

  • Phones/tablets: Use a PIN or passcode (not just swipe). Prefer biometric unlock only as a convenience layer on top of a passcode.
  • Laptops/desktops: Require a password on wake and set the screen to lock quickly when idle.

Practical example: if you step away at a café for 30 seconds, an unlocked laptop can be enough for someone to install unwanted software or copy files.

Device encryption (protects data if the device is lost)

Encryption makes stored data unreadable without the unlock key. Many modern phones encrypt by default when you use a passcode. For laptops, ensure full-disk encryption is enabled (for example, BitLocker on Windows editions that support it, or FileVault on macOS).

  • Check whether encryption is enabled in your security/privacy settings.
  • If it’s not enabled, follow the built-in steps to turn it on and allow the initial encryption process to complete.
  • Store recovery keys safely (for example, in a password manager or printed and stored securely).

Firewalls: keep the default protections on

A firewall controls which network connections are allowed in and out. For beginners, the best practice is usually to keep the built-in firewall enabled and avoid opening ports unless you understand why.

  • Windows/macOS: Ensure the system firewall is on.
  • Router: Keep default inbound blocking enabled; be cautious with “port forwarding.”

Practical example: a game console or smart device may ask you to enable port forwarding. Only do this if necessary, and prefer safer alternatives like UPnP being off and using vendor-supported methods. If you must forward ports, forward only what’s needed and document it so you can remove it later.

App and software hygiene: fewer programs, fewer problems

Every installed app is additional code that can have bugs, request permissions, or run background services. Keeping your device “lean” reduces attack surface and makes unusual behavior easier to spot.

  • Uninstall apps you don’t use.
  • Prefer official app stores or vendor sites for downloads.
  • Avoid “driver updater” tools and “system cleaners” that promise miracles; they often create risk rather than reduce it.
  • Review browser extensions and remove anything unnecessary.

Permissions: check what apps can access

Phones and modern desktops allow apps to request access to location, microphone, camera, contacts, photos, and more. Many apps request more than they need.

  • Review permissions periodically (monthly or quarterly).
  • Set sensitive permissions to “While using the app” rather than “Always,” when available.
  • Disable microphone/camera access for apps that don’t need it.

Practical example: a flashlight app does not need access to your contacts or microphone. If it requests them, that’s a sign to avoid it.

Backups: hygiene for recovery, not just storage

Backups are a safety net when devices fail, are lost, or become unusable. A backup is most useful when it is automatic and tested.

Step-by-step: a simple backup plan

  • 1) Choose at least one automatic backup method: cloud backup, external drive backup, or both.
  • 2) Include what matters: photos, documents, and any important project folders.
  • 3) Set a schedule: daily for active devices, weekly for less-used computers.
  • 4) Test restore: try restoring a file to confirm the backup actually works.
  • 5) Protect the backup: use encryption where possible and keep external drives in a safe place.

Practical example: if your laptop stops booting after a failed update, a recent backup turns a crisis into an inconvenience.

Home network hygiene: quick checks that pay off

  • Rename your Wi‑Fi network thoughtfully: Avoid including your full name or apartment number in the SSID. It’s not a huge risk by itself, but it reduces unnecessary personal exposure.
  • Change default router settings: Default admin credentials are widely known. Change them immediately.
  • Check connected devices: Most routers show a list of connected devices. Review it occasionally for anything unfamiliar.
  • Turn off unused features: If you don’t use USB sharing, media servers, or remote access features on the router, disable them.
  • Use separate networks when possible: Main network for your computers/phones; guest or IoT network for smart devices.

Recognizing early warning signs on devices and networks

Beginner-friendly security also includes noticing when something is “off.” These signs don’t prove an attack, but they are reasons to investigate.

  • Unexpected pop-ups or new toolbars: especially in the browser.
  • Sudden performance or battery drain: could be normal aging, but also could indicate unwanted background activity.
  • New apps you don’t remember installing: treat as suspicious.
  • Browser homepage/search engine changed: often caused by unwanted extensions.
  • Router settings changed or internet behaving strangely: for example, frequent DNS errors, unexpected redirects, or unknown devices connected.

Step-by-step: basic response when you suspect a device issue

  • 1) Disconnect from networks: turn off Wi‑Fi or unplug Ethernet to stop ongoing communication.
  • 2) Update and scan: run built-in security tools and update the OS and apps.
  • 3) Remove suspicious extensions/apps: uninstall anything you don’t trust.
  • 4) Check for system updates again: ensure you’re fully patched.
  • 5) Change key passwords from a known-clean device: if you suspect compromise, do this from another device you trust.
  • 6) Consider a reset if problems persist: backing up important data first, then performing a factory reset or OS reinstall can be the cleanest fix for persistent issues.

Putting it together: a simple weekly and monthly routine

Weekly (10 minutes)

  • Check for OS updates on your main devices and install them.
  • Restart devices that have been running for a long time (especially browsers).
  • Quickly review installed browser extensions and remove anything you don’t use.
  • Confirm backups ran successfully (look for a “last backup” timestamp).

Monthly (20–30 minutes)

  • Log in to your router: check for firmware updates and review connected devices.
  • Review app permissions on your phone.
  • Change the guest Wi‑Fi password if you shared it widely.
  • Test restoring one file from your backup.

Practical examples: common beginner scenarios

Scenario 1: “My Wi‑Fi password is shared with too many people”

Fix: create a guest network and move all visitors to it. Then change your main Wi‑Fi password and reconnect only your own devices. If your router supports it, enable guest isolation so guest devices can’t see each other or your main devices.

Scenario 2: “My router is from my ISP and I never touch it”

Fix: log in once, change the admin password, confirm WPA2-AES or WPA3 is enabled, disable WPS, and check whether firmware updates are automatic. If the ISP manages updates, you still benefit from changing passwords and disabling risky features.

Scenario 3: “I keep postponing updates because I’m busy”

Fix: enable automatic updates and set a weekly reminder to restart your device. Many security fixes only become active after a restart. If you rely on your computer for work, schedule updates for a predictable time (for example, Friday evening).

Scenario 4: “I travel and use hotel Wi‑Fi often”

Fix: use your phone hotspot for sensitive tasks, disable auto-join, keep your firewall on, and avoid device-to-device sharing on public networks. If you use a VPN, ensure it connects automatically on untrusted Wi‑Fi.

Now answer the exercise about the content:

Which action best reduces the risk of someone taking control of your home router settings?

You are right! Congratulations, now go to the next page

You missed! Try again.

Changing the router admin password helps prevent others from logging into the router admin interface and altering settings like DNS, remote management, or Wi-Fi configuration.

Next chapter

Defensive Thinking: Reducing Exposure and Limiting Damage

Arrow Right Icon
Learn Cyber Security

LearnCyber Security

Discover free online courses in Cyber Security, from fundamentals to advanced topics. Gain skills with free certifications in IT Security, Pen Testing, and more today!

 Learn Information Technology

LearnInformation Technology

Our IT free online courses offer top-notch training in the latest technologies and tools, including programming languages, web development, cybersecurity, and more.
Download the app to earn free Certification and listen to the courses in the background, even with the screen off.
QR Code - Baixar Cursa - Cursos Online

Download our app via QR Code or the links below:.

Get it on Google Play Get it on App Store