1. Cyber Attacks Can Come From Based on This Lecture
Most famous attack is buffer overflow. PCs for file sharing are susceptible to remote buffer overflow. What happens if vulnerability is announced
The first case automatically or manually apply the patch. The second case disable the application or port that is vulnerable. Vulnerability can be:
In case of design, the service must be disabled and reprogram. Case of misconfiguration, edit the configuration file, and as for modules disable and edit the module. To handle the vulnerabilities above the following common steps are taking.
If not taking the steps above then there's a risked in rebuilding the system from the scratch since there's a chance in breaking the system when performing modification.
As written on the first part if it is already infected by a virus or worm then the infection must be cleaned. A software called antivirus had been developed which detects the infection based on patterns of the virus. By installing this software it can prevent and also clean the infections, but even this software is not perfect. If the antivirus cannot detect the infection then it's suggested to take the 5 steps above in dealing with the vulnerability. Worst case we must backup the data, destroy and rebuild the system.
The term “policy” is a set of rules and procedures that is agreed by involving parties, and then carried out. In my opinion the strategy build this information security policy must be carried out not in a hasty pace, because it includes parties that is not professional in IT and some are less aware of the cyber attacks that occurs. Even as a information security professional, if given a large book of the information security policy will respond as “this will take time to review”. So it is recommend to take it step by step as in some standards from International Standard Organization (ISO).