UnderstandingThreats Show
Computer security is a rapidly changing subject. Administrators and information security professionals invent and adopt a variety of terms and phrases to describe potential risks or uninvited incidents to computers and networks. The following is a discussion of these terms and their meanings as used in this document. Virus/MalwareA computer virus/malware is a program – a piece of executable code – that has the unique ability to replicate. Virus/malware can attach themselves to just about any type of executable file and are spread as files that are copied and sent from individual to individual. In addition to replication, some computer virus/malware share another commonality: a damage routine that delivers the virus payload. While some payloads can only display messages or images, some can also destroy files, reformat your hard drive, or cause other damage.
The Agent programs on the client computers, referred to as the Client/Server Security Agents, can detect virus/malware during Antivirus scanning. The Trend Micro recommended action for virus/malware is clean. Spyware/GraywareGrayware is a program that performs unexpected or unauthorized actions. It is a general term used to refer to spyware, adware, dialers, joke programs, remote access tools, and any other unwelcome files and programs. Depending on its type, it may or may not include replicating and non-replicating malicious code.
Certain applications are classified by Trend Micro as spyware/grayware not because they can cause harm to the system on which they are installed, but because they potentially, expose the Client or the network to malware or hacker attacks. Hotbar, for example, is a program that embeds a toolbar into Web browsers. Hotbar tracks URLs that users visit and records words or phrases that are entered into search engines. These pieces of information are used to display targeted ads, including pop-ups, on users' browsers. Since the information that Hotbar collects can potentially sent to a third party site and used by malware or hackers to collect information about your users, Worry-Free Business Security Services prevents this application from installing and running by default. If you want to run Hotbar or any other application that WFBS-SVC classifies as spyware/grayware, you need to add it to the spyware/grayware trusted list. By preventing potentially risky applications from running and giving you full control over the spyware/grayware trusted list, WFBS-SVC helps ensure that only the applications you approve run on Clients. Client/Server Security Agents can detect grayware. The Trend Micro recommended action for spyware/grayware is clean. Network VirusesA virus spreading over a network is not, strictly speaking, a network virus. Only some of the threats mentioned in this section, such as worms, qualify as network viruses. Specifically, network viruses use network protocols, such as TCP, FTP, UDP, HTTP, and email protocols to replicate. Firewall works with a network virus pattern file to identify and block network viruses. IntrusionsIntrusions refer to entry into a network or a computer either by force or without permission. It could also mean bypassing the security of a network or computer. Malicious BehaviorMalicious Behavior refers to unauthorized changes by a software to the operating system, registry entries, other software, or files and folders. Fake Access PointsFake Access Points, also known as Evil Twin is a term for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up by a hacker to eavesdrop on wireless communications. Explicit/Restricted Content in IM ApplicationsText content that is either explicit or restricted to your organization being transmitted over instant messaging applications. For example, confidential company information. Online Keystroke ListenersAn online version of a keylogger. See Spyware/Grayware for more information. PackersPackers are tools to compress executable programs. Compressing an executable makes the code contained in the executable more difficult for traditional Antivirus scanning products to detect. A Packer can conceal a Trojan or worm. The Trend Micro scan engine can detect packed files and the recommended action for packed files is quarantine. See Also:
What do you call a collection of programs that can infiltrate a computer system?Malicious software, or "malware," is software written with the intent to damage, exploit, or disable devices, systems, and networks. It is used to compromise device functions, steal data, bypass access controls, and cause harm to computers and other devices and the networks they are connected to.
What can self replicate without a host program and will spread without human interaction or directives from malware authors?Worms are a type of malware that can self-replicate without a host program; worms typically spread without any human interaction or directives from the malware authors.
Are malicious programs that come into a computer system?Malware is a catch-all term for various malicious software, including viruses, adware, spyware, browser hijacking software, and fake security software. Once installed on your computer, these programs can seriously affect your privacy and your computer's security.
What is malware quizlet?Malware, or malicious software, is any software designed with the purpose of corrupting or subverting the target computer.
|