Project Part 3: Malware Protection Procedure GuidScenario
Always Fresh allows external users, such as vendors and business partners, to access the Always Fresh Windows environment. You have noticed a marked increase in malware activity in the test environment that seems to originate from external users. After researching the likely source of new malware, you conclude that allowing external users to connect to your environment using compromised computers exposes Always Fresh to malware vulnerabilities.
After consulting with your manager, you are asked to create a policy that will ensure all external computers that connect to Always Fresh environment are malware free. You create the following policy:
“To protect the Always Fresh computing environment from the introduction of malware of any type from external sources, all external computers and devices must demonstrate that they are malware free prior to establishing a connection to any Always Fresh resource.”
Consider the following questions:
1. What does “malware free” mean?
2. How can a user demonstrate that their computer or device is malware free?
3. What are the steps necessary to establish a malware-free computer or device?
4. How should Always Fresh verify that a client computer or device is compliant?
Create a malware protection procedure guide that includes steps for installing and running anti-malware software. Fill in the following details to develop your procedure guide:
1. Provide a list of approved anti-malware software solutions—include at least three leading antivirus and two anti-spyware products. You may include Microsoft products and third-party products. Instruct users to select one antivirus and one anti-spyware product and install them on their computer.
2. Describe the process of:
a. Ensuring anti-malware software and data is up to date. Mandate daily updates.
b. Running regular malware scans. Mandate that automatic scans occur whenever the computer is idle. If that setting is unavailable, mandate daily fast scans and biweekly complete scans.
3. Provide steps to follow any time malware is detected.
a. Immediate reaction—what to do with current work, leave the computer on or turn it off
b. Who to contact
c. What information to collect
The procedure guide may be used by company security professionals in the future. Hence, all steps listed should be clear and self-explanatory.
Always Fresh is expanding. The company is adding another application server and several workstations. As the IT infrastructure grows, it becomes more difficult to manage the added computers and devices.
Consider the Windows servers and workstations in each of the domains of a typical IT infrastructure. Based on your understanding of Group Policy, determine possible Group Policy Objects that will make it easier to manage groups of computers. Focus on common aspects of groups of computers, such as permissions for workstations or printers defined for use by groups of users.
4. Recommend Group Policy Objects for the Always Fresh environment in a summary report to management. You must defend your choices with valid rationale.