Chapter Summary

After completion of this chapter, you should have gained a good basic understanding of malicious code, specific computer viruses, antivirus solutions, and the very basics of operating systems security as they relate to the Security+ exam. At this point, you should hold yourself accountable for the following:

• You should know the differences and similarities between various type of malicious code such as viruses, worms, and Trojans.

• You should have the ability to identify security related terms such as Zoo, “in the wild,” stealth, polymorphism, variant, payload, trigger, malware, spyware, and blended threat.

• You should be able to identify what type of malicious code or virus category specific viruses such as NetBus, Nimda, Brain, Backdoor.Trojan.dr(7), and BackOrifice are associated with. In other words, are they worms or Trojan horses, and so on?

• You should go to the recommended virus encyclopedia at http://securityresponse.symantec.com/avcenter/vinfodb.html/ and become familiar with as many viruses as possible before taking the Security+ exam.

• For the exam, you should have an basic understanding of important antivirus software features such as enabling real-time protection, live updates, scheduled scans, filtering, and e-mail attachment scanning. For real life, you should have experience managing enterprise-wide antivirus solutions that include the earlier mentioned features as well as implementing centralized control features such as monitoring, quarantining, auto discovery, and server/client antivirus rollouts.

• You should be familiar with fundamental operating systems security practices and procedures inherent with Microsoft Windows and UNIX/Linux operating systems. If you have followed the recommendations included throughout this book, and used all the tools possibly available to you, you should now be well prepared for the real exam. However, actually passing the exam is completely in you hands. It would be in your best interest to take the exam as soon as you complete your study of this book.

Here’s one final note: Technical certification is a tool that can help you prove your skills, acquire technical employment, and contribute to job advancement opportunities. However, there is absolutely no tool greater than hands-on experience!