
C235 IT Security and Management

LP1
Lecture 2.2: Malware Protection and Prevention
Learning Objectives

• Malware Protection

• Malware Prevention
Malware Protection
• Anti-virus Software
• Personal Software Firewall
• Pop-up Blockers
• Windows Defender
• Anti-spam Software

Anti-virus Software
• The purpose of anti-virus software is to detect and
eliminate malware.
• Most anti-virus software combines the following
approaches when scanning for malware:
 Signature-based Scanning
 Heuristic Scanning
Signature-based Scanning
• Anti-virus software contains a virus dictionary with
thousands of known virus signatures.
• Virus signatures in the dictionary must be frequently
updated, as new viruses are discovered daily.
• This approach will catch known viruses but is limited
by the virus dictionary. It cannot catch what it does
not know.

Heuristic Scanning
• Heuristic scanning is a method of detecting
potentially malicious behavior by examining what a
program or section of code does.
• Anything that is “suspicious” or potentially
“malicious” is closely examined to determine whether
or not it is a threat to the system.
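
An added example (not part of the original slides) contrasting the two approaches on constructed, inert byte strings: the signature scan misses a variant that is not yet in the dictionary, while the heuristic scan flags it from the behaviours it contains. The sample data, rule weights, threshold and names such as Demo.Malware.A are assumptions made for illustration; a whole-file hash stands in for a virus signature to keep the example small.

```python
import hashlib

# Constructed, inert byte strings standing in for program files.
KNOWN_SAMPLE = b"DEMO-v1: copy self to startup; disable updates; send keystrokes"
NEW_VARIANT = b"DEMO-v2: copy self to startup; disable updates; send keystrokes"
INSTALLER = b"Installer: copy self to startup; create shortcut"

# "Virus dictionary": signatures (here, SHA-256 hashes) of known samples.
VIRUS_DICTIONARY = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Demo.Malware.A"}

# Heuristic rules: suspicious behaviours and an assumed weight for each.
SUSPICIOUS_BEHAVIOURS = {
    b"copy self to startup": 40,
    b"disable updates": 30,
    b"send keystrokes": 40,
}
HEURISTIC_THRESHOLD = 60  # assumed cut-off for "closely examine this file"


def signature_scan(data, dictionary=VIRUS_DICTIONARY):
    """Return the signature name if the file is in the dictionary, else None."""
    return dictionary.get(hashlib.sha256(data).hexdigest())


def heuristic_scan(data):
    """Score the file by what it does; return (score, flagged)."""
    score = sum(w for pat, w in SUSPICIOUS_BEHAVIOURS.items() if pat in data)
    return score, score >= HEURISTIC_THRESHOLD


def scan(data, dictionary=VIRUS_DICTIONARY):
    """Signature check first, then heuristics for anything unknown."""
    name = signature_scan(data, dictionary)
    if name:
        return f"known malware: {name}"
    score, flagged = heuristic_scan(data)
    return f"suspicious (score {score})" if flagged else "clean"


def update_dictionary(sample, name, dictionary=VIRUS_DICTIONARY):
    """A dictionary update: add the signature of a newly analysed sample."""
    dictionary[hashlib.sha256(sample).hexdigest()] = name


if __name__ == "__main__":
    for label, data in [("known", KNOWN_SAMPLE), ("variant", NEW_VARIANT),
                        ("installer", INSTALLER)]:
        print(f"{label:10} -> {scan(data)}")
```

Once the variant's signature is added with update_dictionary, the signature scan recognises it by name, which is why the dictionary has to be updated frequently.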

Capabilities of Anti-Virus Software
• Automated Updates
• Automated Scanning
• Media Scanning
• Manual Scanning
• Email Scanning
• Resolution

Personal Software Firewalls
• Personal firewalls monitor and control traffic passing
into and out of a single system.
• They can be used to determine what traffic is ‘good’ and
allowed to pass and what traffic is ‘bad’ and is
blocked.

Personal Software Firewalls
• Most operating systems come with some type of
personal firewall included.

Pop-up Blocker
• A pop-up blocker is a feature in many web browsers
that prevents pop-ups.

Windows Defender
• Its purpose is to protect the computer from spyware and
other unwanted software.
 Spyware Detection and Removal
 Scheduled Scanning
 Automatic Updates
 Real-time Protection
 Software Explorer
 Configurable Responses

Windows Defender
• The screenshot below shows the confirmation message
displayed after turning off Windows Defender in Windows 8.
[Screenshot: Windows Defender turned-off confirmation message]

Copyright © 2009 by Republic Polytechnic, Singapore. All rights reserved.

Antispam Product
• Anti-spam products attempt to filter out that endless
stream of junk email so you don’t have to.
• Some products operate at the corporate level,
filtering messages as they enter or leave a designated
mail server.
• Other products operate at the host level, filtering
messages as they come into your personal inbox.

Malware Prevention
 Education
   Be careful when you install or run software
   Ensure downloads are from reliable sources
 Disable autorun
   For removable media such as thumb drives
 Security software
   Personal Software Firewall (block unwanted traffic)
   Anti-virus (keep the virus dictionary updated)
Malware Prevention
 Operating System updates
   Use Windows Update to get the latest fixes for bugs that are
    potentially exploitable
   Same with other OSes (Linux, Mac OS X, etc.)

 Application updates
   Application bugs are potentially exploitable
   May not be part of the Operating System updates; must be
    updated separately

 Advisories circulated by the IT Department
   Updates on new malicious threats
   All users should take note and be vigilant
Watch video on ‘Malware Prevention’
• https://www.youtube.com/watch?v=W80-xoZg2pY
(Time: 0.00-1.59)

Quiz
• Which of the following methods is most suitable to
prevent adware?
A. Anti-virus Software with heuristic scanning
B. Personal Software Firewall
C. Pop-up Blockers
D. Anti-spam Software

Quiz
• It is important to update the virus dictionary of
anti-virus software because
A. heuristic scanning may not work if the virus dictionary is
not updated.
B. the anti-virus software will not reflect the latest
version.
C. the virus dictionary will capture signatures of all new
malware.
D. the anti-virus software will be slow in detecting
malware.

Quiz
• Antivirus software cannot detect this type of
malware. Which type?
A. Ransomware.
B. Virus because it attaches to executable files.
C. Worm because it can replicate independently.
D. Zero-day because it is a new malware.

At the end of this lesson, you should be able to

• Describe the various malware protection methods.

• Explain the various measures taken to prevent malware.
