Friday, January 25, 2019
Discussion question Essay
The lab consisted of using the AVG scan in the virtual machine to detect the different threats that were found, which were moved to the computer virus vault. Windows Defender was used to verify the different infections and spyware that were found in the virtual machine. Malware and spyware are growing trends in the world of technology. It is good to know the steps to take just in case your system is infected with this nasty malicious malware and spyware.

This is a screen shot of the number of threats that were identified by the scan.
Screen shot of the detailed view of the 1st infection: CHelixIRRAMwin32ddwin32dd.sys; Trojan horse Hider.JI; Moved to Virus Vault
Screen shot of the detailed view of the 2nd infection: CHelixIRnirsoftLSASecretsView.exe; May be infected by unknown virus Win32/DHHhMXFE8VGw; Moved to Virus Vault
Screen shot of the detailed view of the 3rd infection: CHelixIRbinpwdump2.exe; May be infected by unknown virus Win32/DHHhRPFRs; Moved to Virus Vault
Screen shot of the detailed view of the 4th infection: CHelixIRbinPsh.exe; Trojan horse Dropper.Generic4.BVMA; Moved to Virus Vault
Screen shot of the 1st detailed spyware: CHelixIRnirsoftastlog.exe; Potentially harmful program Logger.IAC; Moved to Virus Vault
Screen shot of the 2nd detailed spyware: CHelixIRFoundstoneFPipe.exe; Potentially harmful program Tool.IT; Moved to Virus Vault
Screen shot of the 3rd detailed spyware: CHelixIRbincryptcat.exe; Potentially harmful program RemoteAdmin.IH; Moved to Virus Vault
This is a screenshot of the Virus Vault.
This is a screenshot of AVG's Threat Detected alert window.
This is a screenshot of the productreview.pdf file displayed in the vault.

Remediation steps
There are many steps that can be followed to combat malware and spyware. There are several steps to remove infections such as a Trojan horse or a Trojan dropper from your computer system.
1. Reboot the system.
2. Make sure System Restore is turned off so that the system does not restore the infected file.
3. Launch the anti-virus software that is installed on the system.
4. Go to disk view and highlight your computer, then select scan/repair so that the anti-virus can detect the Trojan and put it in the recycle bin.
5. Restart the system and make sure the recycle bin is emptied.
6. Make sure the Trojan was deleted successfully by running another scan.
The steps to remove spyware are different from the steps to remove an infection. The steps are as follows:
1. First, delete the temporary files.
2. Make sure System Restore is turned off.
3. Then install an anti-virus/anti-spyware program; examples would be instant defender or Malwarebytes Anti-Malware.
4. Run a full scan and delete whatever is found.
5. Restart the computer to make sure the spyware is deleted.
This is a screenshot of the buck Transfer file.

Lab Assessment Questions and Answers
1. Workstation and desktop devices are prone to viruses, malware, and malicious software, especially if the user surfs the Internet and World Wide Web. Given that users connect to the Internet and World Wide Web, what security countermeasures can organizations implement to help mitigate the risk from viruses, malware, and malicious software?
Organizations can restrict certain sites, keywords like blogs, and mirror sites. Organizations can block ingress of files that contain potentially dangerous content and also consider blocking all flavorless executables from entry (Centre for the Protection of National Infrastructure, 2004). They can also make sure specific ports are shut down; this can prevent back doors when accessing a site. There are a lot of websites out there that do not need to be accessible, especially in a work environment.
2. Your employees e-mail file attachments to each other and externally through the organization's firewall and Internet connection. What security countermeasures can you implement to help mitigate the risk of rogue e-mail attachments and URL Web links?
Many business owners must examine what is at risk when they communicate sensitive data over email. The first thing is to make sure that good virus protection software is installed and updated on everyone's computer station. Second, it is good that all key departments within the organization, such as legal, IT and HR, understand the policies; require them to sign off on the email filtering, retention, retrieval and analysis policies (Small Business Computing Staff, 2011).
3. Why is it recommended to do an antivirus signature file update before performing an antivirus scan on your computer?
Signature files contain the latest list and behavior of known viruses; that is why it's important to update the antivirus signature file before performing a scan on your computer. Anti-virus programs release signature file updates regularly, sometimes daily, sometimes more often, because new viruses are being identified on a daily basis (Loza, 1999).
4. Once a malicious file is found on your computer, what are the default settings for USB/removable device scanning? What should organizations do regarding use of USB hard drives and slots on existing computers and devices?
Many of the USB devices have serial numbers associated with them. Most of the scanning and tracking details would be used with most of the USB mass storage devices. Organizations should immediately disable the auto run on the system. The devices that are connected to the infected computer should be scanned for malicious malware and spyware.
5. If you find a suspect executable and wish to perform dynamic analysis, what does that mean?
Dynamic analysis is the testing and evaluation of a program by executing data in real time (Rouse, 2006). The objective of dynamic analysis is to find errors in a program while it is running rather than repeatedly examining the code offline. The codes are easily noticed while the program is in use, which helps detect the error codes.
6. What is a malware and malicious code sandbox?
A sandbox is a virtual environment with its own guest operating system where intercepted incoming can be observed (Jackson, 2013). By observing the behavior in the sandbox, it should notice and block malware regardless of whether the code or the vulnerability it exploits is already known.
7. What are typical indicators that your computer system is compromised?
There are several indicators that your system may be compromised.
The computer is extremely slow
Applications won't start
Can't connect to the Internet
The antivirus is turned off
There are completely different browsers, items are opening up, and there are a lot of pop-ups.
8. Where does AVG Business Edition 2012 place viruses, Trojans, worms, and other malicious software when it finds them?
When going through the steps in AVG Business Edition 2012 in the lab, the viruses, Trojans, worms, and other malicious software were put in a vault. They were then deleted out of the virus vault. The viruses are quarantined, then isolated and deleted by the user.
9. What other viruses, Trojans, worms, or malicious software were identified and quarantined by AVG within the Virus Vault upon completion of the Whole Computer Scan?
There were 4 infections that were found during the whole computer scans. The 4 infections are as follows:
Trojan horse Hider.JI
Win32/DHHhMXFE8VGw
Win32/DHHhRPFRs
Trojan horse Dropper.Generic4.BVMA
There were also 3 spyware items found in the scan:
Logger.IAC
Tool.IT
RemoteAdmin.IH
10. What elements are needed in a workstation domain policy regarding use of antivirus and malicious software prevention tools?
It is important that the needed elements are included in the workstation policy to make sure that the antivirus and malicious software prevention tools are used properly. Tech support must make sure that everyone is following the guidelines for keeping the system safe from malware and spyware. A policy should be in place to let the employees know the importance of using the antivirus and malicious software prevention tools properly.

Conclusion
By going through the steps in the lab, there were many infections and spyware that were detected and later moved to the virus vault. The different viruses were moved to the vault so that they would not infect the rest of the system. There were steps that must be taken to make sure that the infections and spyware are completely deleted from the system. There were many techniques that were learned about infections and spyware and where they should be moved when they are detected by the AVG scan.

Reference
Centre for the Protection of National Infrastructure (2004). Mitigating the risk of Malicious Software. Retrieved from http://www.cpni.gov.uk/documents/publications/2004/2004002 advice_malicious_software.pdf
Jackson, W. (2013). Hackers' new trick for outwitting sandboxes. Retrieved from http://gcn.com/blogs/cybereye/2013/02/hackers-new-trick-outwitting-sandboxes.aspx
Loza, C. (1999). Why Is It Important to Constantly Update Antivirus Software? Retrieved from http://www.ehow.com/facts_6850079_important-constantly-update-antivirus-software_.html
Rouse, M. (2006). Dynamic Analysis. Retrieved from http://searchsoftwarequality.techtarget.com/definition/dynamic-analysis
Small Business for Computing Staff (2011). 5 Email Security Tips to Protect Your Small Business. Retrieved from http://www.smallbusinesscomputing.com/webmaster/article.php/3928231/5-Email-Security-Tips-to-Protect-Your-Small-Business.htm