Describe the best practice to employ to mitigate malware effects on a machine…
- Students are required to post one original response to the discussion questions each week, as well as a response to one classmate. Original responses should not be a word for word rehashing of what is stated in the readings, but rather an integration of the concepts and additional insights, either from real world experience or additional sources. It should be a 250 word response to the question. Your primary posting may end with a tag-line or a related question of your own. Your secondary posting is a response to one classmate’s post. Each answer/response should be supported with research. Responses to classmates should not be “I agree” or “I like the way you stated that.” These responses should again be insightful, offering an opinion or facts based on your research and experiences. The response to one classmate should be a minimum of 125 words. See APA criteria for citing resources. You must provide a minimum of a reference, in APA format, in your original response. Include references and no plagiarism. Send the files separately, as one is a discussion of 250 words with references and two replies each of 125 words.
Reply to topic 1:-
Malware is a noxious code that spreads over the associated frameworks in the organization. This situation is expanding step by step with cutting-edge figuring innovation and correspondence arrange. Malware can be considered as the substance in which new highlights can be effortlessly added to improve its vicious symptoms as different assaults. This malware can be perilous with all its reactions on the contaminated machines, like handicapping malware finders or AV scanners which are introduced for protection purposes. There are a few types of malware which are not safe for our systems. They are polymorphic malware and metamorphic malware. A polymorphic malware comprises encoded noxious code alongside the decoding module. Polymorphic code is a strategy now generally actualized in malware that uses a polymorphic generator to change the code while keeping the first calculation in place, whereas the metamorphic idea of the malware empowers vindictive code to change while distributing over the system, making mark-based location totally incapable on the machine.
The accompanying are the prescribed procedures to utilize to alleviate malware consequences for a machine: Keep program modules patched. Attacks have moved to the program and the module applications that make the program a considerable amount more important. It’s imperative that aggressors not have the ability to use Microsoft Internet Explorer or Adobe Reader/Acrobat/Flash vulnerabilities to get onto a system. Use each vendor’s auto invigorate or programming dispersal contraptions to present repairs when they twist obviously accessible. Limit the utilization of system shares (mapped drives). Worms love to spread by methods for composed drives. Unless there is a solid business need, close mapped drives. If authorization for access will be given to peruse just yet not read-write. Use apparatuses that go past antivirus. While there’s up ’til now a section for antivirus things, they aren’t as fruitful as they used to be, as it were, considering the way that the threats have created to sidestep antivirus programming.
Keep program modules patched:
We have to keep the attacks very low such that it should be minimized, upon progressing on the development of technology so that problems are reduced. Attacks have moved to the program and the module applications that make the program an impressive sum more vital. It’s basic that aggressors not be able to utilize Microsoft Internet Explorer or Adobe Reader/Acrobat/Flash vulnerabilities to get onto a framework. Utilize every merchant’s auto animate or programming dispersal mechanical congregations to show repairs when they bend surely accessible.
Limit the use of framework shares (mapped drives):
Worms love to spread by strategies for dealing with drives. Unless there is a strong business require, close mapped drives. On the off chance that approval for access will be given to examining at this time not read-write. So that security of personal thing is kept accordingly, in the business requirement.
Use instruments that go past antivirus:
While there’s as of recently a segment for antivirus things, they aren’t as productive as they used to be, in a manner of speaking, in light of the way that the dangers have made to evade antivirus programming. Numerous hazards today are Web-based. A contraption like the Intrusion Prevention System (IPS) in Symantec Endpoint Protection stops chances before they can enter a machine. For instance, IPS stops feebleness mishandle, drive-by downloads and counterfeit antivirus establishment.
Protect PDAs and other adaptable devices:
As shown by RSA, the best cybercrime incline for 2011 is advantageous malware and the mistreat of cell phones to finish compulsion. It gives each illustrative with a PDA or tablet PC needs to get to the structure to discover the chance to affiliation email or unmistakable applications. Keep in mind that these gadgets can bring malware into your system fundamentally as an unprotected PC can.
Reply to 2nd topic:-
Author Musthaler (2011) states that according to RSA Cybercrime Trends Report, majority of malware products are not targeting corporate networks rather than consumer devices. The contributing factors, she notes are attributed to the increased mobility in employee devices and the advent of social sites along with IT that has become increasingly user driven. The exposure to malware might have adverse effects on a corporate network that include but are not limited to access to sensitive information and data breaches (Musthaler, 2011).
Below is a checklist that could act as best practices that could be followed for a sustainable security policy and aid in preventing malware attacks on corporate networks (Musthaler, 2011). These policies also need fine tuning and intense customization to fit the needs of the organization (Musthaler, 2011).
1. Patch Browser Plug-in: In the event of attacks being migrated to browsers, security plugins that can avoid threat largely originating from Acrobat or Flash vulnerabilities can be effectively combated. It is highly recommended that these plugins are kept up to date. Turning on Auto update is also strongly advised.
2. Peer-to-peer usage: malware distribution has transitioned to P2P mode. Blocking P2P at the gateway or the desktop level is recommended. Implementing a stringent no P2P policy would improve threat handling when the company’s devices are subjected to home usage. Blocking P2P at the gateway is recommended rather than at the desktop level.
3. Switch off AutoRun: Otherwise known as autoplay, these applications are downloaded and played instantly thereby inheriting privileges that were granted a long time ago and not monitored regularly. Turning them off would reduce the risk of unwanted applications installed on the system.
4. Enable Enhanced Security in Adobe: Most applications can also be embedded in PDFs. Regularly updating Adobe and other PDF viewers will create a tapping mechanism that prevents executables inside a PDF.
5. Network Shares and Mapped Disks: network shared devices and mapped hard disks should be viewed as a potential weak point where a threat could arise. Implementing read-only wherever necessary rather than read-write would also aid in curbing threats.
6. Mail Security and Gateway blocking: updating and implementing a mail security solution could go a long way in curbing malware threats arising from Web 2.0 contents. Gateways should frequently be updated to block suspicious IP and continuously monitor to update hackers’ identity.
7. Security content distribution schedule: IPS performs daily to weekly releases of antivirus signatures. Making the most of this through automatic patching is advised.
8. Other tools more effective than antivirus: an Intrusion Prevention System from reputed vendors such as Symantec Endpoint Protection (Musthaler, 2011) would reduce the risk of web based threats that trivial antiviruses fail to circumvent.
9. Customize Tool defaults: Adapting to the business needs of the company would include monitoring the tools and enhancing their performance through customization and changing defaults.
10. Educate Self and Users: Most malware threats and other network breaches are performed through social and reverse social engineering. Hence, a system that keeps all the employees prepared is one of the cornerstones of best practice implementation. Users should be educated on using only trusted sources, not updating flash and codec from video sharing websites, P2P applications and clicking on spam URLs found in malicious emails.
The best practices can have transcending capabilities once higher management gets involved in taking security seriously (Malhotra, 2015). The best way to handle security threats and risks is to have a holistic approach and converge multiple horizontals in an organization such as Corporate Risk Management, Cyber Risk Management and Enterprise Risk Management. Greater alignment can be obtained by going beyond trivial risk assessment models to implementing risk insurance models. Cyber Risk Insurance (CRI) models are gaining traction in the Finance and Healthcare sectors where malware threats can have devastating effects. The best way to deal with this is by addressing the human factor in the security link. If the underlying ERM systems integrate people, process and technology, malware attacks can be efficiently handled, mitigated and managed in the long term (Malhotra, 2015).
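Two of the checklist items above, switching off AutoRun and keeping network shares read-only, can be checked directly on a Windows machine. The following PowerShell audit is an added example and is not part of either reply; the function names `Get-AutoRunPolicy`, `Get-WritableShare` and `Get-MappedDrive` are hypothetical helpers defined here, and the script assumes Windows 8 / Server 2012 or later.

```powershell
# Added example (not from the original posts). Run on Windows 8 / Server 2012 or later.
# Get-SmbShare and Get-SmbShareAccess need an elevated session.

function Get-AutoRunPolicy {
    # NoDriveTypeAutoRun is a bitmask of drive types with AutoRun disabled;
    # 0xFF disables it for every drive type.
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
            'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    foreach ($key in $keys) {
        $item  = Get-ItemProperty -Path $key -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
        $value = if ($item) { $item.NoDriveTypeAutoRun } else { $null }
        [pscustomobject]@{
            Key                 = $key
            Value               = if ($null -ne $value) { '0x{0:X2}' -f $value } else { 'not set' }
            DisabledOnAllDrives = ($null -ne $value) -and (($value -band 0xFF) -eq 0xFF)
        }
    }
}

function Get-WritableShare {
    # Non-administrative shares where an Allow entry grants Change or Full.
    foreach ($share in Get-SmbShare -Special $false) {
        Get-SmbShareAccess -Name $share.Name |
            Where-Object { "$($_.AccessControlType)" -eq 'Allow' -and
                           "$($_.AccessRight)" -in 'Change', 'Full' } |
            Select-Object Name, AccountName, AccessRight
    }
}

function Get-MappedDrive {
    # Drive letters currently mapped to remote SMB paths for this user.
    Get-SmbMapping | Select-Object LocalPath, RemotePath, Status
}

Get-AutoRunPolicy | Format-Table -AutoSize
Get-WritableShare | Format-Table -AutoSize
Get-MappedDrive   | Format-Table -AutoSize
```

Share permissions combine with NTFS permissions and the more restrictive of the two applies, so a share listed here may still be read-only in practice. Drive mappings are per logon session, so run `Get-MappedDrive` as the user whose mappings you want to review.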