9.2 - Combat Malware

 9.2 - Combat malware 

 

Key Terms: 

  • Heuristic algorithm – Algorithms that generate fairly accurate results in a short amount of time by focusing on speed instead of accuracy and completeness. 

 

Malware Detection 

Using anti-malware software is another line of defence against malicious programs. These programs use a variety of detection methods to identify malware on a system. 

    • Scanning – When a virus is detected, the anti-malware developer identifies its unique characteristics. Then a scanning process is written to look for those signatures on a system. The anti-malware program identifies the virus if found and eliminates it from the system. 
    • Integrity checker – An anti-malware program may look for changes in the system’s files and behaviours. This will alert the user that they may have malware on their system. The drawback to this is that they may receive false flags as a result. 
    • Interceptors – An interceptor defends against malware making network requests. It would alert the user if a request has been made that it deems suspicious. 
    • Code emulation – A code emulator is when an anti-malware program opens a virtual environment to run malware and monitor its activity. 
    • Heuristic analysis – Heuristic analysis is when malicious code signatures are compared to other suspicious files in hopes of identifying similarities. 

 

Malware Penetration Test 

There are 12 steps in a malware penetration test: 

  1. Scan for open ports 
  2. Scan for running processes 
  3. Check registry entries 
  4. Verify running Windows services 
  5. Check startup programs 
  6. Check the Event Log 
  7. Verify installed programs 
  8. Scan files and folders 
  9. Verify device drivers 
  10. Check network and DNS settings/activity 
  11. Scan for suspicious API calls 
  12. Run anti-malware scans 

Malware Removal 

If malware is detected on a system, the user should immediately isolate the computer from the network. This will help to eliminate possible spreading routes. Then they should update anti-malware software and complete a scan. Then, they should sanitise the system using their anti-malware software. 

Comments

Post a Comment

Popular posts from this blog

OSA Assignment 1 - Task 3 GUIDE

Image
  OSA Assignment 1 – Task 3 Guide     Exam parameters   Time length – 5 hours (2x 2 ½ sessions)   Marks available – 28     Task 3: Design – Communication Equipment   In this task you are required to submit :   A technical proposal covering the switches, wireless infrastructure and specifications   Justification of planned network architecture and considerations for security, resilience, performance and redundancy   Evidence print screens   Annotated floor plan/network diagram     Technical Proposal   The technical proposal in task 3 follows a similar format as task 2. It's another large document detailing the requirements and recommendations for the company. In task 3, however , it should discuss communication and other digital equipment such as switches, CCTV and APs.   You should recommend multiple hardware solutions and justify between them.   Here are some examples of tables and information ...
Read more

OSA Assignment 1 - Task 1 GUIDE

  OSA Assignment 1 – Task 1 Guide     Exam parameters   Time length – 3 hours   Marks available – 20     Task 1: Planning   In this task you are required to submit :   A project plan   Gantt chart showing th e critical path   Explanation of legal requirements   Physical and digital threat countermeasures   Annotated floor plan     Gantt Chart   The Gantt Chart is the first document you should create. This details each phase of the project alongside the timescale to complete it.   Ensure you make a note of the deadline for the project along with any pre-requisites such as cabling. This should all be implemented into your Gantt Chart.   You can follow a layout like this:   Project:   Pre considerations (Gathering project timescale, risk assessments, ...)   Planning (Devising project plan, identifying budget, ...)   Design (Research hardware, identify topology, ...)   Pre ...
Read more

OSA Summer 2023 Mock - Task 1, Assignment 1

Image
  OSA Summer 2023 Mock – Task 1           Legal requirements   The company must ensure they are compliant with the correct legislation whilst the project is undertaken.   If any person is working at height, the correct safety measures to prevent injury or death must be imposed under The Work at Height Regulations 2005. They must have an appropriate safety harness on and hazardous areas at height should be i dentified in the risk assessment.   By storing data internally on a local file server, the business is responsible for maintaining the confidentiality, availability and integrity of that data. They must comply with The Data Protection Act 2018 and General Data Protection Regulations.   Display screen equipment regulations (DSE) should be considered when installing workstations. Ergonomic and posture-friendly chairs should be installed and employees given appropriate breaks from working around screens.     Data p...
Read more