Sunday, March 10, 2019
Discussion question Essay
The lab consisted of using AVG in the virtual machine to detect the different threats that were found, which were moved to the computer's virus vault. Windows Defender was used to verify the different infections and spyware that were found in the virtual machine. Malware and spyware are growing trends in the world of technology. It is good to know the steps to take in case your system is infected with this nasty malware and spyware.

This is a screen shot of the number of threats that were identified by the scan.

Screen shot of the detailed view of the first infection:
CHelixIRRAMwin32ddwin32dd.sys
Trojan horse Hider.JI
Moved to the computer Virus Vault

Screen shot of the detailed view of the second infection:
CHelixIRirsoftLSASecretsView.exe
May be infected by unknown virus Win32/DHHhMXFE8VGw
Moved to Virus Vault

Screen shot of the detailed view of the 3rd infection:
CHelixIRinpwdump2.exe
May be infected by unknown virus Win32/DHHhRPFRs
Moved to Virus Vault

Screen shot of the detailed view of the 4th infection:
CHelixIRinPsh.exe
Trojan horse Dropper.Generic4.BVMA
Moved to Virus Vault

Screen shot of the 1st detailed spyware:
CHelixIRirsoftastlog.exe
Potentially harmful program Logger.IAC
Moved to Virus Vault

Screen shot of the 2nd detailed spyware:
CHelixIRFoundstoneFPipe.exe
Potentially harmful program Tool.IT
Moved to Virus Vault

Screen shot of the 3rd detailed spyware:
CHelixIRincryptcat.exe
Potentially harmful program RemoteAdmin.IH
Moved to Virus Vault

This is a screenshot of the Virus Vault.

This is a screenshot of the AVG Threat Detected alert window.

This is a screenshot of the productreview.pdf file displayed in the vault.

Remediation Steps

There are many steps that can be followed to clean up malware and spyware. There are several steps to remove infections such as a Trojan horse or a Trojan dropper from your computer system.

1. Reboot the system.
2. Make sure System Restore is turned off so that the system does not restore the infected file.
3. Launch the anti-virus software that is installed on the system.
4. Go to disk view, highlight your computer, and then select scan/repair so that the anti-virus can detect the Trojan and put it in the recycle bin.
5. Restart the system and make sure the recycle bin is emptied.
6. Make sure the Trojan was deleted successfully by running another scan.

The steps to remove spyware are different from the steps to remove an infection. The steps are as follows:

1. First, delete the temporary files.
2. Make sure System Restore is turned off.
3. Then install an anti-virus/anti-spyware program; examples would be Bitdefender or Malwarebytes Anti-Malware.
4. Run a full scan and delete whatever is found.
5. Restart the computer to make sure the spyware is deleted.

This is a screenshot of the File Transfer file.

Lab Assessment Questions and Answers

1. Workstation and desktop devices are prone to viruses, malware, and malicious software, especially if the user surfs the Internet and World Wide Web. Given that users connect to the Internet and World Wide Web, what security countermeasures can organizations implement to help mitigate the risk from viruses, malware, and malicious software?

Organizations can restrict certain sites, keywords like blogs, and mirror sites. Organizations can block ingress of files that contain potentially dangerous content and also consider blocking all flavourless executables from entry (Centre for the Protection of National Infrastructure, 2004). They can also make sure specific ports are shut down; this can prevent back doors when accessing a site. There are a lot of websites out there that do not need to be accessible, especially in a work environment.

2. Your employees e-mail file attachments to each other and externally through the organization's firewall and Internet connection.
What security countermeasures can you implement to help mitigate the risk of rogue e-mail attachments and URL Web links?

Many business owners must examine what is at risk when they communicate sensitive data over email. The first thing is to make sure that good virus protection software is installed and updated on everyone's computer station. Second, it is good that all key departments within the organization, such as legal, IT and HR, understand the policies; require them to sign off on the email filtering, retention, retrieval and analysis policies (Small Business Computing Staff, 2011).

3. Why is it recommended to do an antivirus signature file update before performing an antivirus scan on your computer?

Signature files contain the latest list and behavior of known viruses; that is why it is important to update the antivirus signature file before performing a scan on your computer. Anti-virus programs release signature file updates regularly, sometimes daily, sometimes more often, because new viruses are being identified on a daily basis (Loza, 1999).

4. Once a malicious file is found on your computer, what are the default settings for USB/removable device scanning? What should organizations do regarding use of USB hard drives and slots on existing computers and devices?

Many of the USB devices have serial numbers associated with them. Most of the scanning and tracking details would be used with most of the USB mass storage devices. Organizations should immediately disable the auto run on the system. The devices that are connected to the infected computer should be scanned for malware and spyware.

5. If you find a suspect executable and wish to perform dynamic analysis, what does that mean?

Dynamic analysis is the testing and evaluation of a program by executing data in real time (Rouse, 2006).
The objective of dynamic analysis is to find errors in a program while it is running rather than by repeatedly examining the code offline. The codes are easily noticed while the program is in use, which helps detect the error codes.

6. What is a malware and malicious code sandbox?

A sandbox is a virtual environment with its own guest operating system where intercepted incoming content can be observed (Jackson, 2013). By observing the behavior in the sandbox, it should notice and block malware regardless of whether the code or the vulnerability it exploits is already known.

7. What are typical indicators that your computer system is compromised?

There are several indicators that your system may be compromised:

The computer is extremely slow
Applications won't start
Can't connect to the Internet
The antivirus is turned off
There are different browsers, items are opening up, and there are a lot of pop-ups

8. Where does AVG Business Edition 2012 place viruses, Trojans, worms, and other malicious software when it finds them?

When going through the steps in AVG Business Edition 2012 in the lab, the viruses, Trojans, worms, and other malicious software were put in a vault. They were then deleted out of the virus vault. The viruses are quarantined and then isolated and deleted by the user.

9. What other viruses, Trojans, worms, or malicious software were identified and quarantined by AVG within the Virus Vault upon completion of the Whole Computer Scan?

There were 4 infections that were found during the whole computer scan. The 4 infections are as follows:

Trojan horse Hider.JI
Win32/DHHhMXFE8VGw
Win32/DHHhRPFRs
Trojan horse Dropper.Generic4.BVMA

In the scan there were also 3 spyware items found:

Logger.IAC
Tool.IT
RemoteAdmin.IH

10. What elements are needed in a workstation domain policy regarding use of antivirus and malicious software prevention tools?
It is important that the needed elements are included in the workstation policy to make sure that the antivirus and malicious software prevention tools are used properly. Tech support must make sure that everyone is following the guidelines for keeping the system safe from malware and spyware. A policy should be in place to let the employees know the importance of using the antivirus and malicious software prevention tools properly.

Conclusion

By going through the steps in the lab, there were many infections and spyware that were detected and later moved to the virus vault. The different viruses were moved to the vault so that they would not infect the rest of the system. In addition, there were steps that must be taken to make sure that the infections and spyware are completely deleted from the system. There were many techniques that were learned about infections and spyware and where they should be moved when they are detected by the AVG scan.

Reference

Centre for the Protection of National Infrastructure (2004). Mitigating the risk of Malicious Software. Retrieved from http://www.cpni.gov.uk/documents/publications/2004/2004002 advice_malicious_software.pdf

Jackson, W. (2013). Hackers' new trick for slithering through sandboxes. Retrieved from http://gcn.com/blogs/cybereye/2013/02/hackers-new-trick-outwitting-sandboxes.aspx

Loza, C. (1999). Why Is It Important to Constantly Update Antivirus Software? Retrieved from http://www.ehow.com/facts_6850079_important-constantly-update-antivirus-software_.html

Rouse, M. (2006). Dynamic Analysis. Retrieved from http://searchsoftwarequality.techtarget.com/definition/dynamic-analysis

Small Business Computing Staff (2011). 5 Email Security Tips to Protect Your Small Business. Retrieved from http://www.smallbusinesscomputing.com/webmaster/article.php/3928231/5-Email-Security-Tips-to-Protect-Your-Small-Business.htm