3.1.2. Read antivirus bulletins.
By Efrain Ortiz
Bulletins regarding new malicious code threats provide timely information to incident handlers.