Virus Attack Questions and answers

Today Auditor Forum discuss different virus attack questions and answer with all possible security measures.

What is a virus attack?

A virus attack infect your Windows, Mac, Android and IOS (smartphone or tablet) software.It can cripple your Pc/smartphone performance, data transmission of your personal information, erase your Personal data or even destroy your hardware. These Viruses can be in the shape of; Spyware, Ransomware, Trojan Horse or a simple programming Bug. More than 1 Million devices infected by these viruses every day.

virus attack

Now lets explore few virus Attack Questions:

Auditor Forum network is down due to a virus attack. Management has asked the IT manager to explain why the viruses were able to penetrate the system, in the presence of disk scanner antivirus software.

Required: As IT Manager of the company explain:
(a) two more kinds of antivirus software, besides conventional disk scanners;
(b) how the controls against viruses be strengthened further? Also discuss the possible justification for your failure to install the appropriate software.

Besides conventional disk scanners, following types of virus scanners are usually used:

Active Monitors / Behavior-Based Detection:

This kind of software will sit in memory and look for so-called “virus-like behavior” or “suspicious activities”. In essence, these programs are looking for the types of actions taken on files or boot sectors that are usually performed by a virus when it tries to spread. Active monitors can be annoying because they cannot distinguish between a user request and a program request. As a results users are asked to confirm actions like formatting a disk or deleting a file.

Integrity Checkers:

They compute a binary number on a known virus free program that is then stored in a database file. The number is called a Cyclical Redundancy Check (CRC). When that program is called to execute, the checker computes the CRC on the program that is to be executed and compares it with the number in the database. A match means no infection; a mismatch means that a change in the program has occurred i.e., a virus could be present.

Measures to strengthen controls against virus attack

(i) The controls against viruses be strengthened by installing a combination of different types of antivirus software, because disk scanners carry certain limitations such as inability to detect virus like actions and inability to perform cyclic redundancy check.
(ii) Designing and implementing sound antivirus policies.
(iii) Educating users about potential virus sources and their controls.
(iv) Restricted use of removable storage media.
(v) Installation of properly configured firewall. Periodic review and update of the firewall policy.

Reasons of failure against virus attack:

At the time of previous capital budget approval, it was pointed out to the management that merely installing conventional disk scanner antivirus software is not enough to prevent viruses from penetrating. Besides disk scanners, active monitors and integrity checkers were also requested in the budget. Consequently, various other measures were suggested/required which involved purchase of hardware as well as software. However, our request was turned down and consequently we were unable to carry out the desired steps.

Share this antivirus question on facebook and twitter and share your thoughts on how you manage your servers in case of a penetration attack. Bookmark Audit Forum for more examples and questions. Examples of real world can be posted below. Also for more IT practicing questions and answers visit audit forum.