Student Name
CYB/110
Playbook / Runbook Parts 1-3
Student Name
University of Phoenix Online
CYB/110
Question 3
The scenario that happened involved the Win32/Virut malware, which was notorious and wreaked havoc on one machine in the company (Microsoft). The malware was detected and stopped before it spread to any other computer on the network. It operates by modifying the software executables on the computers and spreads by targeting every software executable that is opened, writing its code into that executable and introducing a backdoor that allows hackers to access the system from remote servers. The malware is introduced when an infected executable is run on the machine; once it has been installed along with the innocent-looking software, it copies itself to every other executable as soon as that executable is opened, meaning that it does not spread if no executable file is run. This, in turn, means that any software that is yet to be run is safe.
Upon realizing the corruption, which was discovered when an online scan using ESET antivirus was conducted, every executable was closed down (ESET). This allowed the antivirus to effectively isolate every affected executable and list it. Indeed, the executables were listed and it turned out that 7 executables had already been affected; these were immediately quarantined. Some of the software affected were Office Word and operating system executables. To effectively deal with the threat, I restored the quarantined files so that I could cleanly uninstall the software. After the uninstallation, the online scan was run again, since it was not vulnerable to infection through the executable corruption. This time around, every identified threat was removed and an operating system disc was used to repair the corrupted operating system files. Finally, the ESET antivirus was installed so that such threats can be prevented before happening, to reduce the extent of the damage. The affected software was then reinstalled, and the system was scanned with the offline antivirus and scheduled to automatically scan every day (Koret and Bachaalany).
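A file infector such as the one described above changes the bytes of executables that were previously clean, so the defender's check is an integrity baseline: hash every executable while the machine is known good, then re-hash later and quarantine anything whose hash no longer matches. The script below is an added example for this runbook (it is not the author's procedure and not an ESET or Microsoft tool); the directory layout, file names and the appended-bytes "infection" are constructed inside the script so it runs offline.

```python
"""Integrity baseline for executables: detect and quarantine files a file infector has modified."""
import hashlib
import shutil
import tempfile
from pathlib import Path

# Extensions treated as executables in this example (an assumption, adjust per environment).
EXECUTABLE_SUFFIXES = (".exe", ".dll", ".scr")


def sha256_of(path):
    """Stream a file through SHA-256 so large binaries do not have to be read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def executables_under(root):
    """Yield (relative posix path, Path) for every executable below root."""
    root = Path(root)
    for p in root.rglob("*"):
        if p.is_file() and p.suffix.lower() in EXECUTABLE_SUFFIXES:
            yield p.relative_to(root).as_posix(), p


def build_baseline(root):
    """Record the hash of every executable while the system is known to be clean."""
    return {rel: sha256_of(p) for rel, p in executables_under(root)}


def find_modified(root, baseline):
    """Compare the current tree with the baseline; return (modified, new) sorted lists."""
    modified, new = [], []
    for rel, p in executables_under(root):
        if rel not in baseline:
            new.append(rel)            # unknown executable: not in the clean inventory
        elif baseline[rel] != sha256_of(p):
            modified.append(rel)       # bytes changed since baseline: candidate infection
    return sorted(modified), sorted(new)


def quarantine(root, rel_paths, quarantine_dir):
    """Move flagged files out of the executable tree (keeping their relative path) so they cannot run."""
    moved = []
    for rel in rel_paths:
        src = Path(root) / rel
        dst = Path(quarantine_dir) / rel
        dst.parent.mkdir(parents=True, exist_ok=True)
        shutil.move(str(src), str(dst))
        moved.append(dst.as_posix())
    return moved


def demo():
    """Constructed scenario: a clean tree is baselined, then two executables get foreign bytes appended."""
    root, qdir = tempfile.mkdtemp(), tempfile.mkdtemp()
    clean = {"app/word.exe": b"MZ-clean-word", "app/calc.exe": b"MZ-clean-calc",
             "sys/kernel.dll": b"MZ-clean-dll"}
    for name, body in clean.items():
        p = Path(root) / name
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(body)
    baseline = build_baseline(root)
    for name in ("app/word.exe", "sys/kernel.dll"):   # simulated infection of two files
        with open(Path(root) / name, "ab") as f:
            f.write(b"<appended-foreign-code>")
    modified, new = find_modified(root, baseline)
    moved = quarantine(root, modified, qdir)
    remaining = [m for m in modified if (Path(root) / m).exists()]
    return {"modified": modified, "new": new, "quarantined": len(moved), "remaining": remaining}


if __name__ == "__main__":
    print(demo())
```

The baseline itself must be stored somewhere the infector cannot rewrite (read-only media or a remote host), otherwise a modified file and a modified baseline would agree with each other.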
Employees must be guided not to share the following information online:
· Usernames
· Office address
· Their medical history and records
· Their work experiences
· The places they have lived in
· Family members’ identities
· Dates of birth
· Personal information regarding bank details or similar data (Norton).
If employees put this data online, their personal information can be misused and they may face an issue which can be severe.
Employees also need to be trained to interact securely while they use the internet. They must take care of confidential information while sharing it in an email, because if the emails are not protected, company data may be at high risk. If they have to share any document or attachment with the management, they need to develop a special code or a password to safeguard the sensitive and confidential information. Employees need to change their passwords frequently, because the same passwords kept for long periods can be misused and easily hacked. While interacting online, they should not download any programs or install unnecessary and untrusted applications, because these can be a serious threat to their devices and put the data kept on those devices at stake. They must develop passwords which are a mix of numbers and text to strengthen security. When it comes to emails, they should not download any emails from unknown sources and must also not click on unknown links, because these may cause a security incident. A safe browser must be used and the antivirus should be updated (Kaspersky).
For enhanced email security, employees must create separate email accounts for official use, and their passwords must be updated and complex. No large or unnecessary attachment should be downloaded, because it may contain malware. Email security features must be known to the employees. Using public Wi-Fi to send and receive emails is not recommended, because there is a high risk of data being stolen on public Wi-Fi. All attachments which are of no use must be blocked. If an email has too many recipients, it should also be blocked. In short, email communication must be protected (Tolly).
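The two blocking rules above (unneeded attachments, too many recipients) can be expressed as a gateway policy. The following is an added example written for this runbook, not code from the cited sources; the allowed extensions, size cap and recipient cap are assumed policy values, and the messages are constructed in the script with Python's standard `email` package.

```python
"""Mail gateway policy: attachment type allow-list, size cap and recipient cap."""
import os
import email.utils
from email.message import EmailMessage

# Policy thresholds are assumptions for this example, not the company's real policy.
ALLOWED_ATTACHMENT_EXT = {".pdf", ".docx", ".xlsx", ".txt"}
MAX_ATTACHMENT_BYTES = 5 * 1024 * 1024   # 5 MiB
MAX_RECIPIENTS = 20


def recipient_count(msg):
    """Count distinct addresses across the To and Cc headers (case-insensitive)."""
    raw = msg.get_all("To", []) + msg.get_all("Cc", [])
    return len({addr.lower() for _, addr in email.utils.getaddresses(raw) if addr})


def check_message(msg):
    """Return ("deliver", []) or ("block", [reasons]) for a parsed message."""
    reasons = []
    n = recipient_count(msg)
    if n > MAX_RECIPIENTS:
        reasons.append(f"too many recipients: {n} > {MAX_RECIPIENTS}")
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        ext = os.path.splitext(name)[1].lower()   # 'invoice.pdf.exe' -> '.exe'
        if ext not in ALLOWED_ATTACHMENT_EXT:
            reasons.append(f"attachment type not allowed: {name or '<unnamed>'}")
        size = len(part.get_payload(decode=True) or b"")
        if size > MAX_ATTACHMENT_BYTES:
            reasons.append(f"attachment too large: {name} ({size} bytes)")
    return ("block" if reasons else "deliver", reasons)


def build_message(recipients, attachments=()):
    """Construct a test message; attachments is an iterable of (filename, bytes)."""
    msg = EmailMessage()
    msg["From"] = "alice@example.com"
    msg["To"] = ", ".join(recipients)
    msg["Subject"] = "Quarterly report"
    msg.set_content("Please find the report attached.")
    for name, data in attachments:
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg


def demo():
    """Three constructed messages: a normal one, a disguised executable, and a mass mailing."""
    ok = build_message(["bob@example.com"], [("report.pdf", b"%PDF-1.4 constructed")])
    bad_type = build_message(["bob@example.com"], [("invoice.pdf.exe", b"MZ constructed")])
    blast = build_message([f"user{i}@example.com" for i in range(25)])
    return {k: check_message(m) for k, m in [("ok", ok), ("bad_type", bad_type), ("blast", blast)]}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(name, verdict)
```

Note that the extension check looks at the last suffix only, which is what catches double-extension names such as `invoice.pdf.exe`; a production gateway would additionally inspect content type rather than trusting the file name.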
Following is the list of things that company employees should never do on social media:
· Representing the company with unauthentic statements
· Talking about intellectual property
· Disclosing any confidential information
· Giving statements without having proper knowledge
· Talking in a negative tone about a competitor
· Posting anything controversial
· Talking about job roles
· Posting office stories
· Posting any account information
· Talking in a hateful manner toward other people (Workable).
Part 3
It is imperative for any business to secure its equipment with respect to network connections, mobile devices and cloud services. There is a strong need for businesses to develop guidelines for enhancing the security of network connections, mobile devices and cloud services.
To develop guidelines for the security of network connections, it is important to understand the components of a network. The main components of a network are the router, the firewall and the switch. The router is the security barrier furthest from the center (Meier et al. para 26). The router sends IP packets to the networks to which it is attached. The router can be safeguarded against reconfiguration by making sure that it has the latest security patches and upgrades applied. In addition, shielded administration interfaces can be used to enhance its safety (Meier et al. para 26). The firewall blocks the ports which are not needed and permits traffic only on recognized ports. To increase the security of the firewall, it is necessary that it is patched on a regular basis. The services which are not used should be removed. Moreover, the administration interfaces of the firewall should be safeguarded (Meier et al. para 27). The switch is the third main component of a network. Switches play a smaller part in network security; their main contribution is to enhance the performance of a network. They can be made secure by testing and installing updates and patches, and by removing all services or ports which are not used.
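"Remove the services or ports which are not used" is only checkable if there is an inventory of what should be listening. The script below is an added example for this section (not from Meier et al. or any vendor tool): it parses text in the shape of `ss -tlnp` output, which is constructed here rather than captured from a real host, and reports every network-reachable listener that is not in an assumed allow-list of port-to-process pairs.

```python
"""Audit listening TCP sockets against an allow-list of expected services."""
import re

# Constructed sample in the shape of `ss -tlnp` output; not captured from a real host.
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      511    0.0.0.0:80          0.0.0.0:*         users:(("nginx",pid=1201,fd=6))
LISTEN 0      128    0.0.0.0:23          0.0.0.0:*         users:(("telnetd",pid=1337,fd=4))
LISTEN 0      4096   127.0.0.1:5432      0.0.0.0:*         users:(("postgres",pid=900,fd=5))
LISTEN 0      128    [::]:22             [::]:*            users:(("sshd",pid=812,fd=4))
"""

# Assumed exposure policy for this example: port -> process expected to own it.
ALLOWED_LISTENERS = {22: "sshd", 80: "nginx"}
LOOPBACK = {"127.0.0.1", "::1"}
PROC_RE = re.compile(r'\("([^"]+)"')   # first process name inside users:((...))


def parse_listeners(text):
    """Turn ss-style lines into dicts with addr, port and owning process name."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                         # header line or non-listening socket
        addr, port = fields[3].rsplit(":", 1)
        addr = addr.strip("[]")              # "[::]" -> "::"
        m = PROC_RE.search(line)
        listeners.append({"addr": addr, "port": int(port), "proc": m.group(1) if m else "?"})
    return listeners


def audit(listeners, allowed=ALLOWED_LISTENERS):
    """Return (port, process, message) for each listener that violates the allow-list."""
    findings = []
    for l in listeners:
        if l["addr"] in LOOPBACK:
            continue                         # not reachable from the network; out of scope here
        expected = allowed.get(l["port"])
        if expected is None:
            findings.append((l["port"], l["proc"], "unexpected exposed listener: disable the service or block the port"))
        elif expected != l["proc"]:
            findings.append((l["port"], l["proc"], f"port is allowed but owned by {l['proc']!r}, expected {expected!r}"))
    return findings


if __name__ == "__main__":
    for port, proc, msg in audit(parse_listeners(SAMPLE_SS_OUTPUT)):
        print(f"port {port} ({proc}): {msg}")
```

On a real host the input would come from running `ss -tlnp` and the allow-list from the build standard for that server role; the loopback skip keeps the report focused on what the firewall discussion above is about, namely ports reachable from other machines.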
Cybercriminals persistently search for methods to exploit and derive benefit from weaknesses in operating systems, applications and software, attempting to discover security defects before the producers discover and patch those faults (“Best Practices” para 2). Their main prey is user information, which ranges from credit card details to email passwords. Users can enhance the security of their mobile devices by using built-in anti-theft applications such as Find My iPhone. With the help of such applications, the owner of a mobile device can delete all information remotely in case they are not able to find their stolen device (“Best Practices” para 8). Besides, users can safeguard the data they send and receive online by establishing a VPN. Mobile devices should be set to lock automatically, and a strong passcode should be created so that no one can immediately discover the personal data. Also, it is mandatory to scan any email, message or call from an unfamiliar sender before opening it.
It is very important to adopt a proactive approach when the security of cloud services is taken into account. It is recommended that businesses use two-factor authentication, because the customary username and password combination is not enough to offer high security for users’ accounts. Two-factor authentication allows only authorized employees to log into the accounts and access important information (Ntiva Editorial Team para 2). It is also important for a business to establish an appropriate degree of authorization, because not every employee requires access to every bit of data. Allocating user access rights will not only stop a worker from editing details which he/she is not allowed to access, but also safeguards the systems of an organization from hackers (Ntiva Editorial Team para 3). It is also imperative to ensure that an employee cannot access an organization’s data, systems, intellectual property and customer details when he/she is no longer a part of that organization. Organizations should implement a systematic deprovisioning procedure to make sure that the access entitlements of all leaving employees are cancelled (Ntiva Editorial Team para 5). Lastly, cyber security training should be offered to the personnel.
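The three cloud controls in the paragraph above (two-factor login, access rights per role, and deprovisioning of leavers) fit together in one small account model. The code below is an added example for this runbook and not from the Ntiva source; it goes slightly beyond the text by implementing the second factor as a standard time-based one-time password (RFC 6238, HMAC-SHA1, 6 digits, 30-second step), and the role names, permissions and the `Directory` class are all assumptions made for the example. The audit at the end is the check a reviewer would run after offboarding: no departed user may still hold an active account, a role or a session.

```python
"""Cloud-account access model: password + TOTP login, role-based authorization, deprovisioning."""
import hashlib
import hmac
import secrets
import struct

PBKDF2_ROUNDS = 100_000


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-based one-time password (RFC 4226) with SHA-1, truncated to `digits` digits."""
    digest = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, at_time: int, step: int = 30) -> str:
    """Time-based OTP (RFC 6238): HOTP over the current 30-second counter."""
    return hotp(secret, int(at_time) // step)


def verify_totp(secret: bytes, code: str, at_time: int, step: int = 30, window: int = 1) -> bool:
    """Accept the current code or one step either side, compared in constant time."""
    counter = int(at_time) // step
    return any(hmac.compare_digest(hotp(secret, counter + d), code) for d in range(-window, window + 1))


# Assumed roles for this example; each employee gets only what the role needs.
ROLE_PERMISSIONS = {
    "support": {"read:customers"},
    "finance": {"read:customers", "read:ledger", "write:ledger"},
}


class Directory:
    """In-memory stand-in for the identity provider of a cloud service (assumption)."""

    def __init__(self):
        self.users = {}

    def add_user(self, name, password, roles):
        salt = secrets.token_bytes(16)
        self.users[name] = {
            "salt": salt,
            "pw_hash": hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS),
            "totp_secret": secrets.token_bytes(20),   # enrolled in the employee's authenticator app
            "roles": set(roles),
            "active": True,
            "sessions": set(),
        }

    def login(self, name, password, code, at_time):
        """Both factors must pass; returns a session token or None."""
        u = self.users.get(name)
        if u is None or not u["active"]:
            return None
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), u["salt"], PBKDF2_ROUNDS)
        if not hmac.compare_digest(candidate, u["pw_hash"]):
            return None
        if not verify_totp(u["totp_secret"], code, at_time):
            return None
        token = secrets.token_hex(16)
        u["sessions"].add(token)
        return token

    def can(self, name, permission):
        """Authorization: permission must come from one of the user's roles."""
        u = self.users.get(name)
        if u is None or not u["active"]:
            return False
        return any(permission in ROLE_PERMISSIONS.get(r, set()) for r in u["roles"])

    def deprovision(self, name):
        """Offboarding: disable the account, strip roles and revoke live sessions."""
        u = self.users[name]
        u["active"] = False
        u["roles"].clear()
        u["sessions"].clear()

    def audit_leavers(self, leavers):
        """Names of departed users who still hold any entitlement; should be an empty list."""
        return [n for n in leavers if n in self.users and
                (self.users[n]["active"] or self.users[n]["roles"] or self.users[n]["sessions"])]
```

The `audit_leavers` check is the piece that turns "deprovisioning procedure" into something verifiable: run it against the HR list of departures and treat any name it returns as an open finding.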
Works Cited
“Best Practices: Securing Your Mobile Device.” Trend Micro. Trend Micro Incorporated, 10 Oct. 2017. Web. 10 September 2019.
ESET. Free Virus Scan | Online Virus Scan from ESET. 2018. Web. 19 June 2018. <https://www.eset.com/us/home/online-scanner/>.
Kaspersky. Top 10 Internet Safety Rules & What Not to Do Online. n.d. https://usa.kaspersky.com/resource-center/preemptive-safety/top-10-internet-safety-rules-and-what-not-to-do-online. 30 August 2019.
Koret, Joxean and Elias Bachaalany. The Antivirus Hacker's Handbook. 1st ed. Hoboken: Wiley, 2015. Print.
Meier, J.D., Alex Mackman, Michael Dunner, Srinath Vasireddy, Ray Escamilla and Anandha Murukan. “Chapter 15 – Securing Your Network.” Improving Web Application Security: Threats and Countermeasures. Microsoft Corporation, 2003. Web. 10 September 2019.
Microsoft. Virus: Win32/Virut.BN. 15 September 2017. Web. 19 June 2018. <https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Virus:Win32/Virut.BN>.
Norton. What personal information should you safeguard? n.d. https://us.norton.com/internetsecurity-privacy-what-personal-information-should-you-safeguard.html. 30 August 2019.
Ntiva Editorial Team. “6 Tips for Improving Cloud Computing Security.” Ntiva. Ntiva, 20 August 2018. Web. 10 September 2019.
Tolly, Kevin. Implementing the top 6 email security best practices for employees. 26 April 2019. https://searchsecurity.techtarget.com/tip/Implementing-the-top-6-email-security-best-practices-for-employees. 30 August 2019.
Workable. Employee social media policy sample. n.d. https://resources.workable.com/social-media-company-policy#. 30 August 2019.