Join Scott M Burrell for an in-depth discussion in this video What you should know, part of Malware: Defense and Response.
- [Instructor] This course was designed to provide knowledge and insight to people of varying levels of expertise. I will be providing explanations to help those with less experience, and I'll be presenting tools that should only be used by trained professionals. So while there are no prerequisites for this course, there are a few things that will help you get the most out of this course. Many of the malware threats today target Windows computers in networks of other Windows computers. A knowledge of Windows workstations and servers, including advanced management by registry editing, would prove helpful.
Diagnostic tools, such as Wireshark, and process managers, such as Rkill, are not the most intuitive software on the market. Some awareness of packet sniffers and their capabilities will help you form defensive and responsive strategies as we enter those portions of the course. Finally, many people have their favorite brand of anti-malware software. Multiple titles will be mentioned here, with some limited description of their limitations or benefits. This will not be an exhaustive list, so please don't be offended if I don't include your favorite product.
Like I said, you don't have to be an expert in these areas, but a degree of experience here will make some topics in this course more meaningful. But enough with the preliminaries. Let's get started.
- Determine whether worms or viruses are a bigger problem.
- Describe the fundamental characteristic of ransomware.
- Recognize the first step in stopping the spread of a network problem.
- Explain the key benefit of stopping processes in active memory.
- Name a benefit of using WSUS for updates.