Troubleshooting Security Issues (CompTIA Objective 3.2) Flashcards
What are some things you need to consider if you start noticing a bunch of pop-ups in your browser? And what steps should you take to resolve this?
- Pop-ups in your browser may look like a legitimate application but may actually be signs of a malware infection.
- Update your browser; use the latest version.
- Check the pop-up block feature inside the browser settings.
- Scan for malware; consider a cleaning, or rebuild from scratch or from a known good backup to guarantee removal.
If you start noticing that your browser is redirecting you to other URLs without you telling it to do so after trying to search for something, what is the most common cause of this? How do you remedy it?
- It’s important to know that this should never happen.
- Malware is the most common cause, which makes money for the bad guys.
- Use an anti-malware/anti-virus cleaner (this is not the best option, though).
- Restore from a known good backup (best option; the only way to guarantee removal).
What should you do if you start seeing security alerts and invalid certificate messages popping up in your web browser?
- Something isn’t quite right; this should raise your interest.
- First, look at the certificate details. You can do this by clicking on the padlock icon on the far left side of the URL bar. The certificate may be expired or may have the wrong domain name.
- The certificate may not be properly signed (untrusted certificate authority); you need to contact the owner of the website to find out what’s going on.
What are some malware network symptoms? How can this be remedied?
- Slow performance, lockups (malware isn’t the best-written code).
- Internet connectivity issues. Malware likes to control everything, including which websites you can visit, and often will prevent you from downloading and installing any kind of anti-virus/anti-malware software (you can’t protect yourself if you can’t download).
- OS update failures
- Malware keeps you vulnerable, and some malware uses multiple communication paths.
- To remedy this, you will need to either install anti-virus software from a removable flash drive and then use it to clean the system or, better yet, just restore from a known good backup.
What are some symptoms of malware embedded within the operating system itself? And how can this be remedied?
- Renamed system files (won’t need that anymore).
- Files disappearing or encrypted.
- File permission changes (protections are modified).
- Access denied (malware locks itself away); it doesn’t leave easily.
- To fix this, you can use an anti-virus/anti-malware cleaner or restore from a known good backup (best option).
- Note: some malware is exceptionally difficult to remove.
What are the symptoms of a system lockup, and what solutions are there to remedy it?
- Symptoms include the system completely stopping and not responding to the mouse or keyboard. Check the Caps Lock and Num Lock status lights.
- You may still be able to terminate bad apps that caused a crash by accessing the Task Manager in Windows and Linux by hitting Ctrl-Alt-Del, or in macOS by hitting Command-Option-Esc.
- Check logs when restarting (they may have clues about what’s happening).
- May be a security issue (perform a virus/malware scan).
- It’s also a really good idea to check whether the issue is caused by hardware, so run a hardware diagnostic to confirm whether there is a hardware-related issue.
If you start having application crashes, what resources can you use to remedy this issue?
- If an application stops working, it may provide an error message or may just disappear.
- In this situation, you will want to check the Event log, as it includes useful reconnaissance.
- Check the Reliability Monitor for a history of application problems and then check for a resolution.
- Run some anti-virus/anti-malware scans and check for any issues there.
- Reinstall the application (contact the application support).
What should you be on the lookout for when it comes to identifying virus alerts and hoaxes?
- Rogue antivirus may include recognizable logos and language claiming to be something it’s not, or say something like “Your system has been infected with malware click here to run scan and clean it off”.
- This can then lead to you having to pay money to unlock your PC after the malware has installed itself onto your system, or to “subscribe” to their service.
- Often requires a specific anti-malware removal utility or technique (the bad guys are very, very good).
Email is a significant security concern. Why is that, and what methods are used via email to breach your security?
- Often attackers will send different kinds of “spam” to cause security issues, including:
  - Unsolicited email messages
  - Advertisements
  - Phishing attacks (attempting to get your personal information)
  - Spread viruses
- Spam filters can be very helpful in preventing a security breach via email.
If one computer gets infected from a malicious email, this then leads to “hijacked email”, where:
- Infected computers can become email spammers.
- You then receive odd replies from other users.
- You receive bounce messages from unknown email addresses. If this happens, it’s a good idea to then scan for malware and remedy.
What is a good resource to check on system and application errors and what’s causing them?
- System/application log errors in Windows can be found inside the Event Viewer; many errors go undetected, but the details are in the log.
- It may take some work to find them (so you will need to filter and research each error code).
- The Event Viewer can also find security issues such as somebody using improper logins over and over again, an unexpected application being used, or failed login attempts.