Chapter 9: Viruses, Worms, Trojans, and Protection




Overview

You might be asking yourself, 'Why is there an Introduction in the last chapter of this book?' Here is the answer. If you have focused and really dedicated yourself to the first eight chapters of this book, it is likely that you already possess the skills and tools necessary to pass the current Security+ examination. This chapter gets its own introduction because it is a book in itself. It might not be as lengthy as some of the previous chapters, but it will serve as your silver bullet in the exam room. This chapter is specially designed to give you that extra edge that will increase your chances of scoring higher on the exam. Note that some of the terms that you will see in this chapter have been described to you briefly in earlier chapters, for example, virus, logic bomb, and Trojan horse. This staircase approach has been used purposefully throughout this book to prepare you for the overall understanding that you will achieve by the end of this chapter.

After looking over the CompTIA Security+ exam objectives, you have most likely come to the conclusion that you will have to be familiar with certain types of malicious code, viruses, and virus categories, as well as with protecting certain operating systems, in order to pass the test. However, which viruses should you concentrate on? Which operating systems will be targeted on the exam? When this book was written, there were over 65,000 known viruses. Are you familiar with all 65,000? As far as operating systems go, there are four different operating systems from four different vendors that CompTIA will most likely target on the examination. After all, the exam is 'vendor neutral.'

No need to fear. If you spend a good portion of your life studying for, fine-tuning, and taking certification exams from major vendors such as Microsoft and CompTIA, you will begin to notice a very evident pattern that develops with most, if not all, of their exams. They seem to take the top 10 or 20 most important topics regarding a particular subject matter and design two or three questions around each of those individual topics. The questions, although they appear to be unrelated, typically all lead to the same place and the same predictable answers. The correct answer can be found in the way they ask you the questions. In other words, the questions are designed to take you away from where you should be focusing by throwing in tempting garbage that has little or nothing to do with the correct answer. Your job is to separate the truth from the garbage.

It is likely that you will need to know the top one or two viruses from each of the virus variation types that have affected the planet in a negative way over the last several years. We will focus on them and more. It is also likely that you will be asked general questions relating to basic security functionality within Microsoft Windows operating systems and UNIX/Linux. It is recommended that you focus on these particular operating systems, because they are the most commonly used and administered operating systems and the ones most often targeted by hackers. CompTIA knows this. As a result, it is highly likely that the majority of questions you face will target these two operating systems. Increase your odds of passing by focusing there.

It is likely that the current Security+ exam will not target specific operating systems with detailed questions built around screenshots or diagrams of the inner workings of those operating systems. In simple terms, you might see general operating system questions similar to the following, as opposed to questions that ask how you would specifically carry out a particular task:

What is the administrator account called in Linux?

Where is the administrative password stored in Linux by default?

What is the archival (backup) command called in Linux?

What account should you rename using Microsoft Windows?

Note 

This exam leans more towards generalizations than specific technical operating system tasks. It is more likely that you will be presented with general routing tables than specific operating systems screenshots or diagrams.

Update your virus definitions, do a full system scan, enable your stateful inspection firewall, and fasten your seat belts. Here we go.






The Security+ Exam Guide (TestTaker's Guide Series)
Security + Exam Guide (Charles River Media Networking/Security)
ISBN: 1584502517
EAN: 2147483647
Year: 2003
Pages: 136
