
please answer this question Types of Malware and viruses in today's world there


Question

please answer this question

Types of Malware and viruses

In today's world there are a number of major malware, viruses and bugs that are commonly used to infiltrate Internet applications, social engineering and computer networks. List and explain the different malwares and look at what they are, how they work and what tools are available to counter this kind of activities.

Al ASAAS’s chief technology officer (CTO) established a plan to mitigate risks, threats, and vulnerabilities. As part of the mitigation plan, you and your team members will configure baseline security controls on all workstations (harden the systems), which run either Windows 7 or Windows 10. For this effort, you will ensure that the antivirus software is running properly and implement a control related to password-hacking attempts.

In addition, Al ASAAS’s CTO has asked your team to pay special consideration to continuously monitoring, testing, and improving countermeasures. The CTO points out that within the first 24 hours of configuring baseline security, you may sometimes receive alerts that malware has been quarantined within an antivirus program or notice a failed logon attempt captured by the Windows audit log. In response, you make a note to check the security of the workstation for which you will configure baseline security.

The CTO also requests a report on the work you performed, part of which will be incorporated into the company's IT security policy procedures. The report should also include the purposes of system hardening and auditing, and an additional area of concern or emerging trend related to information systems security that's relevant to Al ASAAS. At the end of the report, include a brief statement that explains how your work on this project relates to the larger responsibility you have for supporting the company’s success regarding IT security. Your statement will be considered a part of your upcoming performance review.

Tasks

If possible, complete the hardening and auditing tasks using a personal computer with the default installation of Windows 7 or Windows 10. If you do not own the necessary hardware and software, consult with your instructor about alternatives. After your work on this project is complete, you may need to return the settings to the previous configuration.

1. Ensure that you are logged in as an administrator. Using a computer that has Windows 7 or Windows 10 installed:
   a. Review the antivirus program. Ensure that it is up to date, is configured for automatic updates, and is scheduled to run quick scans regularly. Note when the last full system scan was run and any issues you observe with the software.
   b. Configure audit logging to identify all failed password attempts into the system.
2. After at least 24 hours, check the Windows workstation for security events. Be sure to review the audit log in Windows Event Viewer.
3. Write a report in which you:
   - Explain how you ensured the antivirus program is up to date, scheduled to run regular quick scans, and when the last full system scan was run. Describe anything significant you observed.
   - Explain how you configured audit logging to record all failed password attempts into the system.
   - Describe all the potentially problematic security events that occurred in the 24-hour period after checking the antivirus software and configuring audit logging.
   - Explain what was done (or should be done) to correct any problems encountered.
   - Explain the purposes of system hardening and auditing in terms of the company’s goal of maintaining information systems security. Also describe an additional area of concern or an emerging trend related to information systems security that you think warrants the company’s attention in the immediate future.
   - Briefly explain how your work on this project relates to your responsibility to help the company achieve its IT security goals.

Additional Resources

- Audit logon events: https://technet.microsoft.com/en-us/itpro/windows/keep-secure/basic-audit-logon-events
- How to See Who Logged Into a Computer and When: http://www.howtogeek.com/124313/how-to-see-who-logged-into-a-computer-and-when/
- Event Logs: https://technet.microsoft.com/en-us/library/cc722404(v=ws.11).aspx
- Using Event Viewer to Troubleshoot Problems: http://www.howtogeek.com/school/using-windows-admin-tools-like-a-pro/lesson3/

Submission Requirements

- Format: Microsoft Word or compatible
- Font: Arial 12-point, double-spaced
- Length: 3–4 pages

You are encouraged to respond creatively, but you must cite credible sources to support your work.

Self-Assessment Checklist

- I summarized the system-hardening and auditing configuration steps I implemented on a computer using Windows 7 or Windows 10, including:
   - How I ensured the antivirus software is running properly
   - How I configured audit logging of all failed password attempts
- I described potentially problematic security events that occurred within a 24-hour period, and noted actions that were taken (or should be taken) to address them.
- I explained the purposes of system hardening and auditing in terms of the company’s overarching goal of maintaining information systems security.
- I proposed at least one area of concern or emerging trend related to information systems security that warrants additional attention.
- I explained how my work on this project relates to my professional responsibility to help the company achieve its IT security goals.

Explanation / Answer

We can simply define malware as malicious code. Malware is software that is developed with malicious intent, or which has a malicious effect. This software is so effective that it can cripple or disrupt the system's operations and allow attackers access to confidential and sensitive information.

The different types of malware are:

1. Adware: It is the least dangerous and most lucrative malware there is. It displays ads on our computer. It presents unwanted advertisements to the user of a computer. There are certain programs which are developed to detect these advertisements. The software includes Ad-Aware, Spyware Doctor, etc.

2. Spyware: It is software that spies on you and tracks your internal activities. Basically it manages the flow of information going to and from a networked computer and provides protection against spyware. An anti-spyware software program can be used for the detection and removal of spyware which has already been installed on the computer.

3. Worm: It is a standalone computer program which replicates itself in order to spread to other computers. People use regular security updates.

4. Trojan: It is the most dangerous malware. It misleads the user about its true intent. In older versions of Internet Explorer and Google Chrome, some Trojans take advantage of a security flaw to host the computer as a proxy to hide effectively. Trojans may allow attackers to access a user's personal information such as banking information and passwords.

As a team member I have to check whether the antivirus is running properly or not. There are plenty of viruses available in the market, half of which don't even detect important viruses. To check whether the antivirus is running properly or not, I have to create my own virus in the system and then scan it. If the virus is detected, that means your antivirus is just okay, and if not, then a new antivirus is required.

We will use some techniques to control password hacking:

1. Use multifactor authentication: While logging in to certain accounts, a code is required which is sent to mobile numbers, and it takes time; during this time there is a chance of the code leaking.

2. If biometrics are available, then they should obviously be opted for.

3. Software updates are required at regular intervals. They help keep the data safe.

If we are working in an organisation, the important thing to keep in mind is that our data is safe and that the value of the business is in its data. The network team works on checking the confidentiality of the data.

The role is quite close to that of the network administrator. There are many roles of the network administrator to achieve the company goals:

(i) Designing and planning the network

(ii) Setting up the network

(iii) Maintaining the network

(iv) Expanding the network

If all this is done in a proper way, then it becomes very easy to achieve the company goals. As mentioned in the question, the network security is checked thoroughly, like the password policy, antivirus updates, risks, threats and vulnerabilities, etc. It doesn't matter whether our security program is 5 pages or 200 pages long. The important thing is that the security program that we have is used to address the company's security in an organized and comprehensive way. If the security program is developed in an efficient way, it becomes easier to achieve the goals of the team. It helps us to identify and stay in compliance that affect how we manage our data. It keeps us on the right track to manage both clients and customers to achieve their objectives. Actually it is a life-cycle process which ensures that security is continuously adapting to our environment, and of course it is the best thing to do because data security is the same as protecting our important assets. In this way the company achieves its IT security goals.
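
The antivirus check, failed-logon auditing and 24-hour review from the task list in the question, as an added example that is not part of the original question or answer. It assumes Windows 10 with Microsoft Defender as the antivirus, an elevated PowerShell session, and an English-language system (auditpol subcategory names are localized); Windows 7 does not ship the Defender cmdlets used here.

```powershell
# Added example, not from the original page.
# Assumptions: Windows 10, Microsoft Defender, elevated PowerShell, English locale.

# Task 1a: antivirus state - protection on, signature age, last quick and full scan.
Get-MpComputerStatus |
    Select-Object AntivirusEnabled, RealTimeProtectionEnabled,
                  AntivirusSignatureLastUpdated, QuickScanEndTime, FullScanEndTime

# Task 1b: record every failed logon by enabling failure auditing
# for the "Logon" subcategory, then print the setting to confirm it.
auditpol /set /subcategory:"Logon" /failure:enable
auditpol /get /subcategory:"Logon"

# Task 2 (run after at least 24 hours): failed logons are event ID 4625
# in the Security log. -ErrorAction covers the "no events found" case.
$since  = (Get-Date).AddHours(-24)
$failed = Get-WinEvent -FilterHashtable @{
              LogName = 'Security'; Id = 4625; StartTime = $since
          } -ErrorAction SilentlyContinue

# Pull the named fields out of each event's XML payload.
$rows = foreach ($e in $failed) {
    $data = @{}
    foreach ($n in ([xml]$e.ToXml()).Event.EventData.Data) {
        $data[$n.Name] = $n.'#text'
    }
    [pscustomobject]@{
        Time        = $e.TimeCreated
        Account     = $data['TargetUserName']
        LogonType   = $data['LogonType']      # 2 = interactive, 3 = network, 10 = RDP
        Source      = $data['IpAddress']
        Workstation = $data['WorkstationName']
    }
}

# Many failures for one account from one source is the pattern worth reporting.
$rows | Group-Object Account, Source |
    Sort-Object Count -Descending |
    Select-Object Count, Name

# Defender detections (including quarantined items) in the same window.
Get-MpThreatDetection |
    Where-Object { $_.InitialDetectionTime -ge $since } |
    Select-Object InitialDetectionTime, ThreatID, Resources, ActionSuccess
```

To return the audit setting to its previous state afterwards, as the task list allows, run the same `auditpol /set` command with `/failure:disable`.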