Hw Lab1. What is the main difference between a virus and a Trojan?
A virus is a program that is capable of replicating with little or no user intervention, and the replicated programs also replicate further. There is typically a piece of code that causes an unexpected, usually malicious, event (payload) to occur. Viruses are often disguised as games or images with clever marketing titles.
A Trojan horse is a program that either pretends to have, or is described as having, a set of useful or desirable features, but actually contains a damaging payload. True Trojan horses are not technically viruses, since they do not replicate, however many viruses and worms use Trojan horse tactics to infiltrate a system. Although Trojans are not technically viruses, they can be just as destructive.
2. A virus or malware can impact which of the three tenets of information systems security (CIA)? Describe how it impacts it as well.
Virus maybe can send files to other people that don’t allow reading these files. It will affect Confidentiality. Some virus will break program. Then these programs cannot run. This wills effect Availability. Some virus will change some file in a program. This wills effect Integrity.
3. Once a malicious file is found on your computer, what are the default settings for USB/removable device scanning? What should an organization do regarding use of USB hard drives and slots on existing computers and devices?
Besides Vendor IDs and Product IDs, some devices also have a serial number associated with them. The “Serial Number Descriptor” string is optional, but a fair number of devices such as thumb drives, removable USB hard drives, PDAs and cell phones have them. While most of these scanning and tracking details would be of most use with the “USB Mass Storage devices containing malware” and the “U3 thumb drives with "evil" autorun payloads” categories, they may still be of use against “USB Hardware Key Loggers” and "Programmable HID USB Keyboard Dongle"...