Anti-Malware Tools Flashcards
1
Q
Anti-virus and anti-malware
A
• You need both
- Real-time options
- Not just an on-demand scan
- Modern anti-malware recognizes malicious activity
- Doesn’t require a specific set of signatures
2
Q
Windows Recovery Environment
A
- Very powerful
- Very dangerous
- Last resort
- Complete control
- Fix your problems before the system starts
- Remove malicious software
• Requires additional information
• Use, copy, rename, or replace operating system files and folders
• Enable or disable service or device startup
• Repair the file system boot sector or the master boot record (MBR)
3
Q
Starting the console
A
- Windows 7 - System Recovery Options / CMD
- Boot from installation media
- Or select from F8 Advanced Boot Menu
- Windows 8/8.1/10
- Troubleshoot / Advanced Options / CMD
- Boot from installation media
4
Q
Backup / restore
A
- Always have a backup
- This is the best insurance policy ever
- Image backup built into Windows
- In Windows 8/10 it’s called Backup and Restore (Windows 7)
• This is the only way to be 100% sure that malware has been removed
• Seriously. Cleaning isn’t 100%.
5
Q
End user education
A
- One on one
- Personal training
- Posters and signs
- High visibility
- Message board posting
- The real kind
- Login message
- These become invisible
- Intranet page
- Always available
6
Q
Software firewalls
A
• Monitor the local computer
• Alert on unknown or unauthorized network communication
- Prevent malware communication
- Downloads after infection
- Botnet communication
- Use Windows Firewall
- At a minimum
- Runs by default
- Constantly monitoring
- Any network connection
7
Q
Secure DNS services
A
- External/Hosted DNS service
- Provides additional security services
- Real-time domain blocking
- Sites containing malware are not resolvable
- Block harmful websites
- Phishing sites, parked domains
• Secure platforms - Avoid DNS cache poisoning attacks