Time
10 hours 19 minutes
Difficulty
Intermediate
CEU/CPE
12

Video Transcription

00:05
In today's computing environments, it's important to be aware of signs of a security issue, such as a malware infection on a PC, and how to troubleshoot and prevent future occurrences.
00:14
Even when following the best practices of ensuring systems are patched and updated, there are still means by which viruses and other malicious code can find their way into a system.
00:24
Pop-ups are a common source for viruses. Pop-ups are small windows that open without the user's consent when they're using a web browser.
00:32
These pop-ups are used by advertisers to solicit a product or service, and by malicious actors who are trying to entice users into clicking a link within the pop-up window. Pop-ups can be disabled. If they're still occurring after being disabled, it could be a sign the system is infected.
00:47
Similarly, security alerts display notifications to inform that a security incident has occurred.
00:53
This is generally seen when antivirus software needs to be updated, a security scan is recommended, or the antivirus or firewall protection has been turned off. If these notifications are not taken seriously, the user's system could potentially be vulnerable to an attack.
01:07
However, attackers can masquerade a pop-up to appear to be a security alert and trick the user into clicking and initiating malicious code installation. Unsolicited email, or spam, is one of the most common and successful means of infecting a computer or stealing information. These emails, also known as phishing attacks, appear to be legitimately meant for the user
01:26
and convince the user to act on the message within the email.
01:30
For instance, an issue with their banking account, a request from human resources, or a package delivery error from a recent purchase. The intent of the phishing email is to get the user to click a link or visit a website where personal information is requested or malicious software is downloaded and installed. Browser redirection is another legitimate function
01:49
that could be leveraged to spread viruses.
01:52
Website redirection may be used to allow multiple URLs to be linked to one website or used to send visitors of an old website to a new, current site.
02:00
One way redirection is used maliciously is by changing one character inconspicuously in the URL and taking users to a spoofed site where they proceed as usual, entering credentials or other private information. Sometimes it's clear that the system has been infected, like a notice from the antivirus application or the system being completely unusable.
02:20
There are also not-so-obvious but common symptoms that could indicate a PC has been infected.
02:24
A sign a system may be infected with malware is when system files, applications or user files have been renamed or hidden.
02:32
Confirming whether file and folder settings are set to unhide will determine if they were actually deleted by the malware or just hidden.
02:39
If a system suddenly runs slower than usual, freezes, has missing files, displays unknown icons or has other strange behavior, it is suspect that the system has been infected.
02:51
If known contacts report suspicious emails have been received from a user containing inappropriate content, unknown links or attachments, it's probable the user's system has been infected and the malicious code accessed the email contacts in the attempt to spread the code.
03:06
This propagation method is a common tactic for spreading malware because users are more likely to click a link or open an attachment received from someone they know. A particularly devious method of spreading malware is through signed digital certificates.
03:19
These certificates are used to authenticate and secure Internet activity between systems and Internet browsers. These certificates contain information about the source and their code and are issued by a trusted certificate agency. However, malware developers can steal or fraudulently obtain these trusted signed certificates. Once the malware has a proper certificate,
03:38
it is much easier to spread the malware,
03:39
because the system may not treat the signed certificate as suspicious.
03:43
If any symptoms or other irregularities are noticed, open the system task manager and inspect applications and services running on the system.
03:51
Anything running that's suspicious, research its purpose online.
03:54
The Event Viewer is also a resource for monitoring system events. Event Viewer logs can be searched for specific event types or dates.
04:02
System logs are also a good source for identifying unusual activity.
04:06
If a computer is suspected to be infected, run a virus or other system security scan. If the scan won't run, try starting the system in safe mode. Safe mode starts up the system with limited services to help with troubleshooting.
04:19
The malware may be preventing a virus scan. Having the system in a minimized operation state could keep the malware from running and allow a scan to complete.
04:28
When symptoms have been identified, quarantine the system by disconnecting it from the network and any external storage devices.
04:34
Do not try to back up the data, as the backup will likely be infected. Also,
04:39
for Windows, disable the restore feature, which deletes all past restore points. It is not recommended to attempt to restore using one of these files.
04:47
The likelihood these files have been infected is highly likely, and you want to avoid reinfecting the system. Remediate the infected system by updating anti-malware software with the latest signatures;
04:59
ensure the software is set to update automatically.
05:01
One common reason malware attacks are successful is because automatic updates are not enabled. The same is true for system updates and patches. Both should be set to automatically update regularly.
05:12
After the updates are applied, scan the system and remove any malicious files.
05:16
Once the malware has been removed, enable system restore and create a new restore point.
05:21
Run a full backup of the system to an external storage device as a secondary safety measure. One of the most critical preventive measures for malware infection is user awareness. Users are the weakest link in system security and need to be regularly educated on potential threats, especially techniques by which malware is contracted and spread.
05:40
Practicing the principle of least privilege,
05:43
assigning only the permissions necessary to perform a specific job role, can protect against infection because regular user accounts would not have the privileges needed to install software or make system changes.
05:54
Defending systems from malware is an ongoing battle. New code and techniques for spreading malware are ever evolving.
06:00
Taking preventive measures to protect systems and their information from being compromised is crucial. Educate users to not only follow best practices to deter an infection, but to recognize common symptoms of one. The sooner an infected system is identified and remediated, the better the chances for limiting it from spreading to other systems.
