cscu module 03 protecting systems using antiviruses.pdf
TRANSCRIPT
-
8/19/2019 CSCU Module 03 Protecting Systems Using Antiviruses.pdf
Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.
Protecting Systems Using Antiviruses
Simplifying Security.
Module 3
Market for Antivirus Becoming Aggressive in North IT Market
3 March 2011, Thursday
http://www.itvarnews.net
The need for protecting valuable data is pushing the demand for antivirus products in the Northern region.
The explosion in the use of networks and the increased use of the Internet have definitely created a new conduit for computer viruses to spread at a rapid rate. Earlier viruses used executable files and would typically be no more than an annoyance by displaying harmless phrases. The latest viruses are much more sophisticated and able to cause extensive and irreparable damage to files. Some viruses are able to spread themselves to other computers on the Internet or network, causing widespread damage to many systems. Thus, to counterattack these problems and to keep up with the accompanying rise of malicious web activity, a number of vendors are busy rolling out layers of updates of Antivirus. We at ITPV contemplated in the Northern region about how the Antivirus vendors are doing, what is the demand, which segment is booming and what's the future of this technology.
Module Objectives
The Most Dangerous Computer Viruses of All Time
Introduction to Antivirus Software
How Does Antivirus Software Work?
Antivirus Software 2011
Steps to Install Antivirus on Your Computer
How to Test if Antivirus is Working?
Choosing the Best Antivirus Software
Configuring McAfee Antivirus
Configuring Kaspersky PURE
Antivirus Security Checklist
Module Flow
Introduction to Antivirus Software
How Does Antivirus Software Work?
Steps to Install Antivirus
Choosing the Best Antivirus Software
Configuring McAfee Antivirus
Configuring Kaspersky PURE
The Most Dangerous Computer Viruses of All Time
In the past few years, numerous PCs have been infected by computer viruses, and some computer viruses have drastically affected global economic growth.
The top 10 most destructive computer viruses of all time according to techweb:
CIH (1998)
Estimated Damage: 20 to 80 million dollars worldwide, countless amounts of PC data destroyed. Unleashed from Taiwan in June of 1998.
Melissa (1999)
Estimated Damage: 300 to 600 million dollars
ILOVEYOU (2000)
Estimated Damage: 10 to 15 billion dollars
Code Red (2001)
Estimated Damage: 2 billion and 600 million dollars (2.6B $)
SQL Slammer (2003)
Estimated Damage: Because SQL Slammer erupted on a Saturday, the damage was low in dollars and cents. However, it hit 500,000 servers worldwide and actually shut down South Korea's online capacity for 12 hours.
Blaster (2003)
Estimated Damage: 2 to 10 billion dollars, hundreds of thousands of infected PCs
Sobig.F (2003)
Estimated Damage: 5 to 10 billion dollars, over 1 million PCs infected
Bagle (2004)
Estimated Damage: Tens of millions of dollars and counting
MyDoom (2004)
Estimated Damage: At its peak, slowed global Internet performance by 10 percent and Web load times by up to 50 percent
Sasser (2004)
Estimated Damage: Tens of millions of dollars
Introduction to Antivirus Software
A computer connected to the Internet is always at high risk, and it is always recommended to install antivirus software on the system
A computer virus can degrade the performance of a computer and can delete the stored computer data
An antivirus program protects the computer against viruses, worms, spyware, Trojans, etc.
Need for Antivirus Program
Today in the digital domain, large amounts of data are stored on computers, and it has become important to protect that data
When a PC is connected to the Internet, it has to combat different malicious programs such as viruses, worms, Trojans, spyware, and adware
Cyber criminals such as attackers and hackers use these malicious programs as tools to steal important information such as personal data stored on the computer
These programs pose a severe threat to the computer and may destroy its functionality in different ways
Malicious programs make their way into one's PC through email attachments and spam email, through USB drives, by visiting a fraudulent website, etc.
Due to the invasion of malicious programs in cyberspace, antivirus programs have become necessary for computers
If your computer has a good antivirus program installed, then the PC is protected and can combat all types of malicious programs
How Does Antivirus Software Work?
Most commercial antivirus software uses two techniques:
Uses a virus dictionary to look for known viruses while examining files
Detects suspicious behavior from any computer program
Virus Dictionary Approach
While examining files, the antivirus software refers to the dictionary of known viruses identified by the author of the antivirus software
If a bit of code in the file matches that of any virus in the dictionary, then the antivirus software can either delete the file, repair the file by removing the virus, or quarantine it
Suspicious Behavior Approach
The antivirus software monitors the behavior of all the programs instead of identifying the known viruses
Whenever a program with suspicious behavior is found, the software alerts the user and asks what to do
Other Ways to Detect Viruses
Antivirus software will try to emulate the beginning of the code of each new executable that is being executed before transferring control to the executable
If the program seems to be a virus or to be using self-modifying code, then it immediately examines the other executable programs
Antivirus Software 2011
http://www.mcafee.com http://www.symantec.com http://www.avast.com http://www.kaspersky.com http://www.vipreantivirus.com
http://free.avg.com http://www.comodo.com http://www.bitdefender.com http://www.pctools.com http://www.eccouncil.org
Choosing the Best Antivirus Software
When purchasing antivirus software, look at the various features and how they can best serve your needs
The most important things to be considered are:
Antivirus Scanning
Antivirus Detection Accuracy: Check for antivirus software that scans and detects viruses accurately and detects the majority of threats
Scanning Speed: Check whether the antivirus software can perform the task quickly and efficiently
Resource Utilization: Ensure that the antivirus software uses minimal system resources and does not affect system performance when performing a scan
Hacker Blocking: This feature prevents other users from gaining unauthorized access and stealing important data such as passwords and other confidential information
Bidirectional Firewall: Check whether the antivirus software is equipped with a software firewall to scan both incoming and outgoing traffic
Technical Support: Look for good technical support so that issues are solved easily
Parental Controls: Check for the parental control feature in the antivirus program that helps children browse the Internet safely
Easy Installation (and Easy to Use): The antivirus software should be user friendly and easy to use
On Demand and Scheduled Scanning: This option lets you schedule a scan at a user-specified time. Users can schedule the scan daily, weekly, or monthly
Automatic Updates: This feature keeps the user abreast of the latest online threats without the user having to visit the vendor's website to stay up to date
Spyware Detection & Prevention: Check for antispyware components to keep spyware at bay
Email Scanning: E-mail protection can monitor the POP and SMTP ports and ensure that your e-mail doesn't contain a threat to your computer
Steps to Install Antivirus on Your Computer
1. Download the antivirus and launch the installation by double-clicking the setup file
2. Most antiviruses follow a wizard-driven installation process, and the necessary components are installed in the system by default
3. Agree to the legal agreement that might appear, click "I agree", and then click "Next" to continue
4. Review all the settings and click Next until installation is finished
5. Once the installation process is finished, restart your computer
How to Test if Antivirus is Working?
Step-by-step procedure to test the antivirus program:
1. Open Notepad, copy the following code into it, and save the file.
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
2. Rename the file from New Text Document.TXT to myfile.com
3. Run the antivirus scan on this myfile.com file
4. If the antivirus is functioning properly, it generates a warning and immediately deletes the file
Note: Most antivirus programs will display a warning message in step 1
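
The virus dictionary approach described earlier and the test-file procedure above can be seen together in a small scanner. This is an added example, not part of the original module or any vendor's code; the one-entry dictionary, the function names and the sample files are constructed for illustration.

```python
import shutil
import tempfile
from pathlib import Path

# The harmless 68-byte test string from step 1, written as two halves so that
# this source file does not itself contain the contiguous pattern.
EICAR = (rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-"
         rb"ANTIVIRUS-TEST-FILE!$H+H*")

# Virus dictionary: signature name -> byte pattern (a single constructed entry).
DICTIONARY = {"EICAR-Test-File": EICAR}

def match_signature(data: bytes, dictionary=DICTIONARY):
    """Return the name of the first dictionary pattern found in data, else None."""
    for name, pattern in dictionary.items():
        if pattern in data:
            return name
    return None

def scan_and_quarantine(root: Path, quarantine: Path, dictionary=DICTIONARY):
    """Scan every file under root and move matches into the quarantine folder.
    Returns {file name: signature name} for each detection."""
    quarantine.mkdir(parents=True, exist_ok=True)
    detections = {}
    for path in sorted(root.rglob("*")):
        if not path.is_file() or quarantine in path.parents:
            continue
        name = match_signature(path.read_bytes(), dictionary)
        if name:
            # Rename on move so the file can no longer be launched by its extension.
            shutil.move(str(path), str(quarantine / (path.name + ".quarantined")))
            detections[path.name] = name
    return detections

def demo():
    """Constructed samples: a clean file, the test file, and a one-byte variant."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "scan"
        root.mkdir()
        (root / "notes.txt").write_bytes(b"meeting at 10:00\n")
        (root / "myfile.com").write_bytes(EICAR)
        # One byte differs, so the content is no longer "known" to the dictionary.
        (root / "variant.com").write_bytes(EICAR.replace(b"H+H*", b"H+H!"))
        quarantine = Path(tmp) / "quarantine"
        found = scan_and_quarantine(root, quarantine)
        remaining = sorted(p.name for p in root.iterdir())
        held = sorted(p.name for p in quarantine.iterdir())
        return found, remaining, held

if __name__ == "__main__":
    print(demo())
```

The one-byte variant stays in place because it is not in the dictionary, which is why the checklist's advice to keep the antivirus updated matters. On a machine with real-time scanning enabled, the resident antivirus may remove myfile.com before the script reads it.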
Configuring McAfee Antivirus
On the main Security Center console, click Real-time Scanning, then select Scan your PC
After selecting the Scan your PC option, select any one of the three available scan types (Run a quick scan, Run a full scan, or Run a custom scan)
On the main Security Center console, click Real-time Scanning, select Schedule Scan Settings, decide how often you want to scan, and click Apply
After selecting the Schedule Scan Settings option, go to Real-time Scanning Settings, select the file types, attachments, and locations that you want the antivirus to scan automatically to protect the computer from threats, and click Apply
Configuring Kaspersky PURE
After successfully installing Kaspersky PURE, follow these steps to configure it
Step 1: Activate the application
For Kaspersky PURE to be fully functional, it needs to be activated
You can:
Activate Commercial License with the purchased activation code
Activate Trial Version for the trial period of 30 days and get acquainted with the possibilities of the program
Activate Later: if you select Activate Later, the Kaspersky PURE activation stage will be skipped. The application will be installed on your computer, but you will be able to update the application only once after its installation.
To continue the activation process, click Next
After the license is activated, click Next to proceed with the configuration
Step 2: System analysis
The Installation Wizard analyzes the system information and creates rules for trusted applications that are included in the Windows operating system. Wait until the process is completed.
Step 3: Completing installation
When the installation is complete, the Kaspersky PURE Configuration Wizard will display the message "The installation is complete":
Make sure the box Start Kaspersky PURE is checked if you want to run the application immediately after the Configuration Wizard is closed
Clear the box Start Kaspersky PURE if you want to run the program later
To close the Configuration Wizard, click the Finish button
Configuring Kaspersky PURE: Backup and Restore
After configuring the Kaspersky PURE antivirus, launch the application and the program is ready for use
To configure Backup, click Backup and Restore
In Backup and Restore, click Create a backup task
Select the location of the files and click Next, select the desired drive to store the backup files, and click Next
Specify a password to protect your data from unauthorized access and click Next
Configure storing different versions of files and click Next, then click Finish
Configuring Kaspersky PURE: Computer Protection
Computer Protection components protect your computer against various threats, scan all system objects for viruses and vulnerabilities, and regularly update Kaspersky PURE antivirus databases and program modules
Configuring Kaspersky PURE: Parental Control
To protect children and teenagers from threats related to computer and Internet usage, you should configure Parental Control settings for all users
If you did not enable password protection when installing the application, then at the first startup of Parental Control it is recommended that you set a password to protect against unauthorized modification of the Control settings
Now, you can enable Parental Control and impose restrictions on computer and Internet usage, and on instant messaging, for all accounts on the computer
Kaspersky PURE: Administrative Tools
Using the Administrative tools, a user can configure the operating system and eliminate system vulnerabilities to provide reliable data protection
A user can:
1. Tune browser settings
2. Search for problems related to malware activity using the Microsoft Windows Settings Troubleshooting option
3. Permanently delete data
4. Delete some unused data
5. Create a Rescue Disk to clean the system after a virus attack
6. Erase user activity to protect privacy
Module Summary
An antivirus program protects a computer against viruses, worms, spyware, and Trojans
A computer connected to the Internet is always at high risk, and it is recommended to have antivirus software installed on the system
Most commercial antivirus software uses two techniques:
Uses a virus dictionary to look for known viruses while examining files
Detects suspicious behavior from any computer program
In the virus dictionary approach, while examining the files, the antivirus software refers to the dictionary of known viruses identified by the software author
Whenever a program with suspicious behavior is found, the antivirus software alerts the user and asks what to do
Antivirus Security Checklist
Update antivirus software to get maximum efficiency
Always visit the vendor's web site to download the patches
Do not use multiple antivirus programs on your computer simultaneously
Always perform link and email scanning
Enable firewall
Enable real-time scanning
Always schedule scanning