Software for countermeasures
Alongside the technical measures you looked at in the previous step, which are hardware-based, there are also software-based countermeasures.
Here’s an overview of what’s available:
Software countermeasures
Antivirus
Antivirus checks run on email systems before email gets to the user. The system architecture can use different antivirus products at the boundary of the network and on desktops.
Spam filters
Spam filters prevent certain types of attachments from coming in, such as executable code. This will stop a user from opening a malicious file accidentally.
Scanning website traffic
This looks for unsafe downloads and prevents them from getting onto the user’s computer. Some security products integrate antivirus and malware scanners.
Content checkers
Content checkers implement blacklists and whitelists for accessing websites. Blacklists are lists of prohibited websites that users aren’t allowed to access, such as gambling and pornography sites. Whitelists are lists of websites that users are permitted to access.
Sheep dips
A sheep dip is an isolated computer system that’s used to load and test new software for the presence of malware. This eliminates the risk of potential malware spreading to other systems on the network.
There are other countermeasures you can take apart from technical and software ones; you’ll find out more about these in the next step.
Device control
This relates to users being prevented from reading or writing to unauthorised devices attached to their computer systems. For example, the system could be designed so that users can’t read from or write to DVDs without specific authority. Device control can also be used to prevent users from accessing USB drives, due to the threat of malware exploiting the autorun feature.
Hardening
Hardening refers to locking down the system’s configuration through the operating system, end user applications or middleware. Most organisations perform some degree of hardening on their systems, with the approach documented to ensure it’s applied consistently across the business.
For example, web browsers might be configured to prevent the downloading of ActiveX controls. The approach to hardening should be based on a risk management decision as it often means some loss of functionality for the end user. Security generally comes with some trade-off.
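The attachment blocking described under "Spam filters" can be sketched as follows. This is an added example, not code from the course: the blocked-extension list, the file signatures and the sample message are assumptions constructed for illustration. It goes one step beyond the text by also checking the leading bytes of each attachment, because a sender can rename an executable to look like a document.

```python
import os
from email import message_from_bytes
from email.message import EmailMessage

# Assumed policy for this example: extensions and signatures treated as executable.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".com", ".bat", ".cmd", ".vbs", ".msi"}
EXECUTABLE_MAGIC = {b"MZ": "Windows PE", b"\x7fELF": "ELF"}


def check_attachment(filename, payload):
    """Return a reason string if the attachment should be blocked, else None."""
    ext = os.path.splitext((filename or "").strip().lower())[1]
    if ext in BLOCKED_EXTENSIONS:
        return f"blocked extension {ext}"
    # The file name is sender-controlled, so also inspect the leading bytes.
    for magic, kind in EXECUTABLE_MAGIC.items():
        if payload.startswith(magic):
            return f"{kind} content behind name {filename!r}"
    return None


def scan_message(raw_bytes):
    """Parse a raw message and return (filename, reason) for each blocked part."""
    findings = []
    for part in message_from_bytes(raw_bytes).walk():
        filename = part.get_filename()
        if part.is_multipart() or filename is None:
            continue  # containers and the message body carry no attachment name
        payload = part.get_payload(decode=True) or b""
        reason = check_attachment(filename, payload)
        if reason:
            findings.append((filename, reason))
    return findings


def build_sample():
    """Constructed sample: a text file, an .exe, and PE bytes renamed to .pdf."""
    pe_stub = b"MZ\x90\x00" + b"\x00" * 16  # only the PE signature, not a program
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    msg.add_attachment("plain notes", filename="notes.txt")
    msg.add_attachment(pe_stub, maintype="application",
                       subtype="octet-stream", filename="setup.exe")
    msg.add_attachment(pe_stub, maintype="application",
                       subtype="pdf", filename="invoice.pdf")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reason in scan_message(build_sample()):
        print(f"BLOCK {name}: {reason}")
```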
What’s next?
Next up, you’re going to look at some software countermeasures in more detail to find out how they can help protect against malicious software.
In this course on malicious software, you will learn about the various types of malicious code in detail and contrast the different types before looking at the countermeasures used to combat them. You’ll also encounter non-technical controls and see the OWASP top 10 security threats.