(3) Malicious processes, malware and software that is not authorized Flashcards
What important methods are normally involved in detecting malware, bad processes and unauthorized software?
These major processes and tools are important in the detection of malware, bad processes and bad software:
- Central management tools like Microsoft Endpoint Manager
- Antivirus and antimalware tools
- Endpoint detection and response (EDR)
- Software and file block listing
- Application allow listing
In terms of useful tools for detecting bad processes, software and malware, what is important to remember about Microsoft Endpoint Manager?
Microsoft Endpoint Manager does manage software installation and report on it, but it doesn't run in real time.
In terms of useful tools for detecting bad processes, software and malware, describe software and file block listing
In terms of useful tools for detecting bad processes, software and malware, software and file block listing uses a list of prohibited software and files and stops them from being installed.
This is a bit more inclusive than antivirus and antimalware, as it includes non-malicious programs and files.
In terms of useful tools for detecting bad processes, software and malware, describe application allow listing
In terms of useful tools for detecting bad processes, software and malware, application allow listing only enables specifically allowed files and apps on a computer.