MIS Week 6. Operating System Security. Windows Antivirus

Similar documents
MIS Week 6. Operating System Security. Windows Antivirus

MIS Week 7. Operating System Security. Windows Firewalls

MIS Week 7. Operating System Security. Windows Firewalls

MIS Week 8. Operating System Security. Windows Logging

MIS Week 5. Operating System Security. Windows Patching

How To Remove Virus From Computer Without Using Antivirus In Windows Xp

How To Remove A Virus Manually Windows 7 Without Antivirus Security Pro

How To Remove Xp Internet Security 2011 Virus Manually

Symantec Endpoint Protection

MIS Week 10. Operating System Security. Unix/Linux basics

How To Update Kaspersky Internet Security 2014

Manual Removal Norton Internet Security Won't Open Or

MIS Week 10. Operating System Security. Unix/Linux basics

NetDefend Firewall UTM Services

Win 7 Security 2011 Virus Manual Removal

Data Communication. Chapter # 5: Networking Threats. By: William Stalling

Cracked BitDefender Client Security 2 Years 20 PCs lowest price software ]

Get BitDefender Security for File Servers 2 Years 5 PCs computer new software download ]

How To Remove A Virus Manually Windows 7 Laptop Using Antivirus Program

User Guide. This user guide explains how to use and update Max Secure Anti Virus Enterprise Client.

How To Remove Personal Antivirus Security Pro Virus

A MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE

Online Security and Safety Protect Your Computer - and Yourself!

Manually Remove Of Xp Internet Security Protect Virus Manually

Norton 360 vs trend micro vs mcafee vs symantec: which anti-virus solution is best

CIH

Manually Update Kaspersky Virus Removal Tool

Remove Manually Norton Internet Security 2012 Will Not Start

KASPERSKY ENDPOINT SECURITY FOR BUSINESS

Zillya Internet Security User Guide

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Malware, , Database Security

Lecture 12 Malware Defenses. Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides based on Bailey s ECE 422

whitepaper: Whitelisting Without The Complexity

How To Remove Personal Antivirus Security Pro Virus Manually

Technology in Action

How To Remove Virus Without Antivirus In >>>CLICK HERE<<<

Technology in Action 12/11/2014. Cybercrime and Identity Theft (cont.) Cybercrime and Identity Theft (cont.) Chapter Topics

Introducing Next Generation Symantec AntiVirus: Symantec Endpoint Protection. Bernard Laroche Endpoint security Product marketing

crush malware that hasn't even been seen before. Alright, so not really like traditional antivirus. Cleans an already infected Mac, 14- day Premium

Configuring Antivirus Devices

Quick Heal Total Security for Mac. Simple, fast and seamless protection for Mac.

Training UNIFIED SECURITY. Signature based packet analysis

Free Download BitDefender Client Security 1 Year 50 PCs softwares download ]

Securing Your Environment with Dell Client Manager and Symantec Endpoint Protection

Quick Heal Total Security for Mac. Simple, fast and seamless protection for Mac.

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems

Internet Safety Utilize the Internet without Fear

How To Remove Security Shield 2012 Virus Manually

Quick Heal Total Security Multi-Device (Mac) Simple, fast and seamless protection for Mac.

How To Manually Uninstall Symantec Antivirus Corporate Edition 10.x Client

AS Stallion. Security for Virtual Server Environments. Urmas Püss

Kaspersky Internet Security - Top 10 Internet Security Software in With Best Antivirus, Firewall,

Symantec Antivirus Manual Removal Tool Corporate Edition 10.x

INDEX. browser-hijacking adware programs, 29 brute-force spam, business, impact of spam, business issues, C

Remove Mcafee Antivirus Plus 2013 Link Version For 90 Days

Free antivirus software download

Symantec Endpoint Protection 14

Quick Heal AntiVirus Pro Advanced. Protects your computer from viruses, malware, and Internet threats.

USB Drive Antivirus provides comprehensive protection against any virus, worm trying to attack via USB drive. When an USB device is inserted into

Remove Mcafee Antivirus Plus 2013 Full Version With License Key

Security Architect Northeast US Enterprise CISSP, GCIA, GCFA Cisco Systems. BRKSEC-2052_c Cisco Systems, Inc. All rights reserved.

Symantec Client Security. Integrated protection for network and remote clients.

Manually Remove Of Xp Internet Security Protect

How To Remove Live Security Platinum Virus Using Mcafee

3 Ways to Prevent and Protect Your Clients from a Cyber-Attack. George Anderson Product Marketing Director Business October 31 st 2017

Securing the SMB Cloud Generation

Remediation Testing Report

Changing face of endpoint security

Symantec Ransomware Protection

Schematic Antivirus 2013 For Windows Xp Full Version

WHITE PAPER. AirGap. The Technology That Makes Isla a Powerful Web Malware Isolation System

Windows Help document Part A

Review Kaspersky Internet Security - multi-device 2015 online software downloader ]

Remove Trend Micro Titanium Internet Security Without Password

OUR CUSTOMER TERMS CLOUD SERVICES MCAFEE ENDPOINT PROTECTION ESSENTIAL FOR SMB

Get Max Internet Security where to buy software for students ]

Protection Against Malware. Alan German Ottawa PC Users Group

Norton 360 Manual Scanning Not Working Windows 8

FAQ. Safe Anywhere PC 12. Disclaimer:

IBM Endpoint Manager. Francesco Censi WW ATG IEM consultant. Optimizing the World s Infrastructure Moscow, Oct 24 th, 2012

ICS Dissolvable Agent for SafeGuard

DEFENCE IN DEPTH HOW ANTIVIRUS, TRADITIONAL FIREWALLS, AND DNS FIREWALLS WORK TOGETHER

Massive Attack WannaCry Update and Prevention. Eric Kwok KL.CSE

Exam : Title : symantec small Business security. Version : DEMO

Prevx 3.0 v Product Overview - Core Functionality. April, includes overviews of. MyPrevx, Prevx 3.0 Enterprise,

Chapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.

Cannot Uninstall Mcafee Agent Because Other

Management Information Systems (MMBA 6110-SP) Research Paper: Internet Security. Michael S. Pallos April 3, 2002

Symantec Endpoint Protection Getting Started Guide

Lecture 12. Application Layer. Application Layer 1

Free antivirus software download windows 10

IBM Security. Endpoint Manager- BigFix. Daniel Joksch Security Sales IBM Corporation

Mobile Malware Detection Comparison

Certified Ethical Hacker (CEH)

How To Remove Personal Antivirus Security Pro Virus Windows 8

Network Security in the Patched Environment. Guy Helmer, Ph.D. Palisade Systems, Inc.

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Thanks for attending this session on April 6 th, 2016 If you have any question, please contact Jim at

ClearPath OS 2200 System LAN Security Overview. White paper

Transcription:

MIS 5170 Operating System Security Week 6 Windows Antivirus

Tonight s Plan 2 Questions from Last Week Review on-line posts In The News Malware/Spyware Detection tools Antivirus Sniffers Assignment 3 Overview Next Week Quiz

Questions From Last Week 3 Any Questions from last week? Quiz; review from Blackboard results. Base line Remember that a base line is what we want; not what the vendor starts an OS. Configuration drift? This is the term used for where we want our baseline vs where it is now; possibly not in a state we want our computers Active directory Users and Computers Remember that there are more things in AD than just users and computers Why Policy Over Preferences Remember that a policy is enforcement for all users, even ones with local admin access.

Questions From Last Week (cont) 4 Any additional uestions?

Review On-Line Posts 5 Top Posts New EU Privacy Law May Weaken Security n The European Union s General Data Protection Regulation (GDPR) n Jason A Lindsley Article: Microsoft Patch Tuesday, February 2018 Edition n Sev Shirozian n After all, getting down to zero vulnerabilities on your network is impossible. However your vulnerability management program should use tools like this to reduce attack vectors by addressing the critical and high vulnerabilities first, especially in the DMZ or public facing servers.

Review On-Line Posts (cont) 6 Hosting a DC on Cloud This is a bad idea for many reasons n Frederic D Rohrer Questions about the posts?

In the News 7 Article: Domain Theft Strands Thousands of Web Sites Three domains belonging to Newtek Business Services Corp. [NASDAQ:NEWT] n https://krebsonsecurity.com/2018/02/domain-theft-strands-thousands-of-websites/ February Updates from Adobe, Microsoft Windows (SMB) could let attackers crash Windows 8.1, and Windows 10 systems, as well as server euivalents of those platforms. n https://krebsonsecurity.com/2017/02/february-updates-from-adobe-microsoft/

In the News (cont) 8 New EU Privacy Law May Weaken Security The European Union s General Data Protection Regulation (GDPR) n https://krebsonsecurity.com/2018/02/new-eu-privacy-law-mayweaken-security/

In the News (cont Last Year) 9 What does it mean about as well as server euivalents of those platforms.? OS releases; code streams are released as desktop server code. n For Example: Windows 7 Server 2008 Questions or items anyone has found of interest?

Malware/Spyware 10 What is Malware/Spyware? How can you get Malware/Spyware on your system? How can you remove them if you do get hit?

Malware/Spyware (cont) 11 What is Malware? Malware is a class of software that has been created to either damage or track specific information about a user s activities back to the creator of that software. n Malware is the main class of software, which includes: Viruses, spyware, adware, nagware, trojans, worms and more. Spyware may log activity and send it back to the creator for the creator s specific purpose. Viruses similar to a human virus it tries to get into a computer and spread to other neighboring computers.

Malware/Spyware (cont) 12 How can you get Malware on your system? Drive-by s a term know as I can t infect the site you visit, but I can place an ad on that site to infect your system. n Ad s on Bing, google, CNN, etc Pop-up Ad s Downloads/Installs from not the vendors sites Boot-sector; more likely to be a found USB key; or shared USB key. Etc Can you name any?

Malware/Spyware (cont) 13 How can you remove them if you do get hit? Vendor products n Malicious Removal Tool Third-Party (lots in this space) n MalwareBytes n One of the first ones I ve used n Symantec n McAfee We will not go into infecting any systems, but lots of tools. n Remember the writer of the software may have tested against these products so they might not work. n Second; time is money and these tools might be a trojan horse looking for users with higher privledges

Malware/Spyware (cont) 14 We will not go into infecting any systems, but lots of tools. (cont) Lots of companies have a crush and re-load policy to prevent the spread of Trojan and malware. Questions?

Detection Tools 15 Lots of tools in this space; most of them are know as End Point Preventions tools or antivirus. TotalAV SCANGuard MalwareBytes Norton McAfee PCProtect KasperskyLab Microsoft (moved up) AVG

Detection Tools (cont) 16 What is the best detection? Prevention is general the best detections as you can see by the below article. You can also see that they have moved away from writing their own tools or.exe s, etc. in favor of using items that are whitelisted n What is white-listing a method of allowing specific programs

Detection Tools (cont) 17 Questions?

Antivirus 18 What is antivirus software? How does it help secure your operating system? Is Antivirus software dead? As predicted several years ago What are some names in this space? What is next?

Antivirus (cont) 19 What is antivirus software? Antivirus software now really know as End Point Protection is a software product to prevent well know malicious software from taking hold of a user s computer. Most are base on signatures of these malicious software files other are working to define behavior that are malicious to get ahead of the signature race.

Antivirus (cont) 20 How does it help secure your operating system? Defense-in-depth is the primary way it helps; prevent well-know code from being dropped and started on your computer. Another logging method to a central console; gives a SOC notifications of computers on the inside; (got past our IDS/IPS devices and rules) that have either downloaded or tried to download something that was not stopped or uarantined. n First system hit n Where did it go n Can we apply what hit this system to our IDS/IPS devices to stop others from getting hit?

Antivirus (cont) 21 Is Antivirus software dead? As predicted several years ago Antivirus is not dead lots or reporting standards still list them on major control documents. From government organization, general security documents, etc Remember defense-in-depth when you can stop the obvious items from being able to attack your computer. Last weeks Patch Tuesday, there where several AV vendors that had the best prevention to critical vulnerabilities from getting into your environment.

Antivirus (cont) 22 What are some names in this space? Top Tier; better know as the magic Quadrant n Symantec n Sophos n Trend Micro n Moved out of top right from last graph n Kaspersky Lab

Antivirus (cont) 23 What is next? Questions?

Sniffers 24 What is a sniffer/network Analyzer What does it do? How can it help us? What are some examples?

Sniffers (cont) 25 What is a sniffer/network Analyzer? A network sniffer also know as packet analyzer, protocol analyzer is a computer program or computer hardware that can intercept and log traffic that passes over a digital network to help you diagnose or to isolate captured traffic as needed. Many are now appliances or part of switches and/or firewalls.

Sniffers (cont) 26 What does it do? Enables promiscuous mode a fancy name for turn off MAC Filtering on the network card Record all packets on the network to a circular buffer. Why does a switch make this difficult?

Sniffers (cont) 27 How can it help us? Configure firewalls for proper ports in our environment. Troubleshoot network slowness in our environment. Find root-kits on an operating system. Troubleshoot network conversation between two computers. n On and on and on

Sniffers (cont) 28 What are some examples? Microsoft NetMon/Message Analyzer n Demo WireShark n Demo

Sniffers (cont) 29 Questions?

Next Week 30 Questions from previous week Firewalls Host based n IPSec Network based Review for 1 st Test Test 1 Assignment 3 Overview (Due Mar 23 rd )

Assignment 3 Overview 31 Reuirements Same teams members as before. A report of the CIS baseline built into a GPO n Note: there is a report feature for a GPO to where the setting that have been applied can be exported into a report file; that is the report I m referring to here. n Applied to the same DC Windows 7 pair we have been working from assignment 2. A video from the team as how this improves our security with faces and voices. Expand upon the GPO that was created in assignment 2 from 20 settings to what the team feels sufficient to secure Windows 7. This assignment builds to what is presented to the Pen-Testing class for Assignment 4, so the 4th grade is how well the team does in it s selections from the baseline in assignment 3. Due Date: March 23 rd 11:59pm Late assignments have a 10% penalty per week.

Assignment 3 Overview (cont) 32 Questions?

Quiz 33 The Quiz has been released

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback