Task
Based on the premise that there is a mix of computers running Windows 2000, Windows XP, Windows Vista, Windows 7, and Mac OS X, you must research and devise a plan to thwart malicious code and activity by implementing countermeasures and prevention techniques for dealing with viruses, worms, logic bombs, Trojan horses, and other related forms of intentionally created deviant code.
Introduction
Malicious software is written with the intent to damage or infect the system of Richman Investment. Malicious code or software is a threat to any internet-connected device or computer. The main goal of the attack is to affect one of the three information security properties, which are Confidentiality, …
* IDS and IPS monitoring of incoming and outgoing network traffic, including anti-virus, anti-spyware, and signature- and anomaly-based traffic monitors.
* Routing ACLs that limit incoming and outgoing connections as well as internal connections to those necessary for business purposes.
* Proxy servers that inspect incoming and outgoing packets for indicators of malicious code and block access to known or suspected malware distribution servers.
* Filtering to protect against attacks such as cross-site scripting and SQL injection.
User Level
* User education in awareness, safe computing practices, indicators of malicious code, and response actions.
Preventive Techniques
Network Users (including departmental staff on permanent, temporary, contract or casual tenure):
* Ensure they do not disable or interfere with the operation of antivirus software.
* Ensure corporate/education and TAFE personal computers/laptops in use are regularly made available for antivirus software updates.
* Exercise caution when opening email and related attachments.
* Do not download software from the Internet unless authorized by senior management and the technology support officer. Risks may include infringement of copyright in addition to introduction of malware or malicious …
* Report security breaches involving malware and malicious code infection, and any unusual related behavior, to their immediate supervisor.
* Isolate infected computers from the network quickly to prevent further infection. To isolate the computer, either turn it off or disconnect the network cable.
* Scan all files and information contained on portable media and storage devices (such as DVDs, USB drives, floppy disks, etc.) for malware and malicious code prior to being used on any department information systems (such as laptops, PDAs, desktop computers, etc.).
Definitions
Antivirus
Antivirus software is used to prevent, detect and remove a range of malware, including computer viruses, worms, Trojan horses, adware and spyware.
Computer Virus
Computer program that can copy itself and infect a computer. The term ‘computer virus’ is sometimes used as a catch-all phrase to include all types of malware, including true viruses.
Malicious Code
A piece of unwanted computer software or code that is introduced into another program, is attached to a document, or exists on its own, for malicious purposes.