For each threat, identify the defense or defenses that best protect against it — and be ready to explain why that defense works. Some threats have more than one good defense. Some defenses work against multiple threats. At least one threat is best stopped by something that isn't software at all.
Threats
- Virus Inserts into existing programs; runs when the host runs
- Worm Autonomous; spreads itself across networks
- Trojan Horse Disguised as something desirable; user installs it
- Spyware Secretly collects and reports your activity
- Phishing Impersonates a trusted source to get your information
- DoS / DDoS Floods a target with requests to overwhelm it
- Spam Bulk unwanted email; often a delivery vehicle for other attacks
Defenses
- Firewall Filters traffic at a gateway or individual machine
- Antivirus software Detects and removes known infections
- Spam filter Blocks unwanted email before it reaches the user
- Proxy server Acts as intermediary; hides internal network details
- Auditing software Monitors traffic patterns; detects anomalies early
- Encryption Makes data unreadable to anyone without the key
- User behavior Skepticism, caution, not opening unknown attachments