
Software for countermeasures


Alongside the technical measures you looked at in the previous step, which are hardware-based, there are also software-based countermeasures.

Here’s an overview of what’s available:

Software countermeasures

Antivirus

Antivirus checks run on email systems before email gets to the user. The system architecture can use different antivirus products at the boundary of the network and on desktops.

Spam filters

Spam filters prevent certain types of attachments, like executable code, from coming in. This stops a user from accidentally opening a malicious file.
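
A sketch of the attachment check described above, added here as an illustration and not part of the course material: it rejects attachments by file extension and also by executable file header, because a renamed file gets past an extension-only rule. The blocked-extension list, the function names and the sample message are assumptions constructed for this example.

```python
import os
from email import message_from_bytes
from email.message import EmailMessage

# Assumed policy for this example: extensions treated as executable content.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".ps1", ".msi"}
# Leading bytes of Windows PE ("MZ") and Linux ELF executables.
EXECUTABLE_MAGIC = (b"MZ", b"\x7fELF")


def blocked_attachments(raw_message: bytes) -> list:
    """Return (filename, reason) for every attachment the filter would reject."""
    findings = []
    for part in message_from_bytes(raw_message).walk():
        filename = part.get_filename()
        if part.is_multipart() or filename is None:
            continue  # container parts and the message body are not attachments
        payload = part.get_payload(decode=True) or b""
        # Only the final extension counts, so "invoice.pdf.exe" is an .exe.
        extension = os.path.splitext(filename.lower().strip())[1]
        if extension in BLOCKED_EXTENSIONS:
            findings.append((filename, "blocked extension " + extension))
        elif payload.startswith(EXECUTABLE_MAGIC):
            # Harmless-looking name, but the content starts like an executable.
            findings.append((filename, "executable header despite extension"))
    return findings


def build_sample() -> bytes:
    """Constructed sample message with three attachments (placeholder bytes only)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Quarterly figures"
    msg.set_content("Please see attached.")
    fake_pe = b"MZ\x90\x00" + b"\x00" * 16  # constructed header, not a real program
    samples = [
        ("report.pdf", b"%PDF-1.4 constructed sample"),
        ("invoice.pdf.exe", fake_pe),
        ("photo.jpg", fake_pe),
    ]
    for name, data in samples:
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reason in blocked_attachments(build_sample()):
        print(f"REJECT {name}: {reason}")
```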

Scanning website traffic

This looks for unsafe downloads and prevents them from getting onto the user’s computer. Some security products integrate antivirus and malware scanners.

Content checkers

Content checkers implement blacklists and whitelists for accessing websites. Blacklists are lists of prohibited websites that users aren’t allowed to access, such as gambling and pornography sites. Whitelists are lists of websites that users are permitted to access.

Sheep dips

A sheep dip is an isolated computer system that’s used to load and test new software for the presence of malware. This eliminates the risk of potential malware spreading to other systems on the network.

There are other countermeasures you can take apart from technical and software ones; you’ll find out more about these in the next step.

Device control

This relates to users being prevented from reading or writing to unauthorised devices attached to their computer systems. For example, the system could be designed so that users can’t read from or write to DVDs without specific authority. Device control can also be used to prevent users from accessing USB drives, due to the threat of malware exploiting the autorun feature.

Hardening

Hardening refers to locking down the system’s configuration through the operating system, end user applications or middleware. Most organisations perform some degree of hardening on their systems, with the approach documented to ensure it’s applied consistently across the business.

For example, web browsers might be configured to prevent the downloading of ActiveX controls. The approach to hardening should be based on a risk management decision as it often means some loss of functionality for the end user. Security generally comes with some trade-off.

What’s next?

Next up, you’re going to look at some software countermeasures in more detail to find out how they can help protect against malicious software.

 

Difficulty: Beginner | Duration: 36m | Students: 45 | Ratings: 5/5
Description

In this course on malicious software, you will learn about the various types of malicious code in detail and contrast the different types before looking at the countermeasures used to combat them. You’ll also encounter non-technical controls and see the OWASP top 10 security threats.

About the Author

A world-leading tech and digital skills organization, we help many of the world’s leading companies to build their tech and digital capabilities via our range of world-class training courses, reskilling bootcamps, work-based learning programs, and apprenticeships. We also create bespoke solutions, blending elements to meet specific client needs.