Category Archives: Security

Tips To Select AntiVirus (AV)

So you have made the decision to buy an AntiVirus (AV) to safeguard your system. But are you stuck on what to look for in an AV?

Here are some tips that will help you select the best AV for your computer:

– Load on System

– Frequency of the definitions or updates

– Type of subscription

– Ease of Upgradation

– Technical Support


Load on System

One of the common complaints from users is that the AV takes a lot of system resources. I think the problem is often caused at computer startup, where most programs are configured to load and slow down the system. One way to get around this is to disable or delay the startup of other applications. Remember, it is essential that the AV loads at startup and not later, because some threats load at startup and, if they are allowed to, they could even disable the AV.

Other tips include increasing the system RAM (memory). Not only does this speed up the computer, it also lets you multitask. Here is an easy and simple way to selectively allow programs to start in Windows:

1. Go to Start > Run

2. Type MSCONFIG

3. Click on the Startup tab

4. Uncheck programs such as Adobe, Winamp, MSN/Yahoo/Gtalk Messenger, etc.

5. Click OK
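Before unchecking anything in MSCONFIG it helps to see every autostart entry in one place, including the registry Run keys that MSCONFIG reads from and the Startup folders. The script below is an added example, not from the original post; it assumes a Windows PowerShell 5.1 or later session, is read-only, and the keyword list used to flag "candidate" entries is a hypothetical one based on the programs named in step 4.

```powershell
# Added example (not from the original post): enumerate Windows autostart entries
# so you can see what loads at logon before deciding what to disable in MSCONFIG.
# Assumes Windows PowerShell 5.1 or later; reads only, changes nothing.

# Registry Run keys for all users (HKLM) and the current user (HKCU)
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

$entries = @(foreach ($key in $runKeys) {
    if (Test-Path $key) {
        $props = Get-ItemProperty -Path $key
        foreach ($name in $props.PSObject.Properties.Name) {
            # Skip the PSPath/PSParentPath/... bookkeeping properties PowerShell attaches
            if ($name -notlike 'PS*') {
                [pscustomobject]@{ Source = $key; Name = $name; Command = $props.$name }
            }
        }
    }
})

# Startup folders: per-user and all-users
$startupFolders = @(
    [Environment]::GetFolderPath('Startup'),
    [Environment]::GetFolderPath('CommonStartup')
)
$entries += @(foreach ($folder in $startupFolders) {
    if (Test-Path $folder) {
        Get-ChildItem -Path $folder -File | ForEach-Object {
            [pscustomobject]@{ Source = $folder; Name = $_.Name; Command = $_.FullName }
        }
    }
})

# Hypothetical keyword list for the convenience programs the post suggests disabling.
# Matching entries are only flagged as candidates; nothing is disabled or removed,
# and an AV entry should never be on this list (the post wants the AV to keep loading at startup).
$candidatePatterns = @('Adobe', 'Winamp', 'Messenger', 'Yahoo', 'Gtalk')

$entries | ForEach-Object {
    $entry = $_
    $isCandidate = [bool]($candidatePatterns | Where-Object {
        $entry.Command -match $_ -or $entry.Name -match $_
    })
    [pscustomobject]@{
        Candidate = $isCandidate
        Name      = $entry.Name
        Command   = $entry.Command
        Source    = $entry.Source
    }
} | Sort-Object Candidate -Descending | Format-Table -AutoSize
```

Run it from a normal PowerShell prompt; HKLM entries are readable without elevation. Anything flagged Candidate is only a suggestion to review in the MSCONFIG Startup tab, and an entry you do not recognise is worth looking up before you decide, since the post's point is that some threats also install themselves into these same locations.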


Frequency of virus definitions/updates

Well, if you think just installing an AntiVirus will protect your system, hang on. You will also need to download the updates, or antivirus definitions, to keep up with new threats. In this fast-changing world of technology, newer threats in the form of Viruses, Worms and Trojans (Click here to read the difference between Viruses, Worms and Trojans) come out each day. While it may be difficult for AV companies to keep pace with all of them, some AV vendors use heuristics to at least quarantine some of these. Symantec, for example, uses a technology called Bloodhound to isolate malicious threats for which complete information is not yet known. The common practice in this space for most AntiVirus vendors is to release updates on a weekly basis. However, if there is an outbreak, the definitions to cure it are released instantly to prevent zero-day attacks. Read the product information on the vendor's site carefully to know the frequency of updates. An AV that does not get definitions on a periodic basis may not be of much use.

Suggestion: Configure your AV to automatically download and install the updates as and when new updates are released.

Ease of Upgradation

The standard practice in the AntiVirus (AV) vendor space is that a newer version of the product is released each year. More often than not, you will end up upgrading to the newer version. Upgradation basically means installing a newer version over the existing one, so ensure that the AV you buy has a good track record of clean upgrades.

Some AV applications are known to have issues when upgrading from an older version to a newer one. If not done correctly, they may leave traces in the registry that cause major problems during installation. So watch out when you decide whether to Upgrade or to Renew for Updates.

Type of Subscription

AV products generally come with a usage licence for a period of one year: you pay and use it for one year, after which you have to renew in order to keep receiving AV updates / virus definitions. Know the difference between an Upgrade and an Update.

An update is a periodic antivirus definition or signature release from the vendor; for example, Symantec releases its virus definitions every Wednesday. Updates include virus definitions, program improvements, patches, etc.

An upgrade is a new iteration of the product version. For example, you are using Norton Antivirus (NAV) 2008, it is reaching the end of its one-year period, and Symantec has now released NAV 2009. You will be presented with an option to upgrade to the newer version, or to continue using the older version by renewing the subscription fee, in which case you will continue to use NAV 2008.

An upgrade normally costs a little more than a renewal, and it's better to go for the upgrade because there are bound to be improvements in the newer version.


Technical Support

Believe me, one factor that will have a major impact on your peace of mind is the technical support your vendor offers for the product. I have seen people tear their hair out over issues that arise out of the blue.

Most problems arise while installing the product. Make sure you read the minimum hardware requirements, supported OS, and incompatibilities with other products before you zero in on any product. Such information is published on the vendor's website.

NOTE: Install and use only one AntiVirus at a time. Having multiple AVs protecting your system can cause all of them to malfunction and allow a threat to affect your system!
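Two of the points above, that definitions must be kept current and that only one AV should be installed, can both be checked from a PowerShell prompt. The script below is an added example and is not from the original post or any vendor. It assumes a Windows 8 or later client, where the root/SecurityCenter2 WMI namespace that Windows Security Center uses to register AV products exists (it is absent on Server editions), and it treats the productState bit field, which Microsoft does not document, using a widely used decoding that is stated here as an assumption. The 7-day freshness threshold is a hypothetical value taken from the post's remark that weekly updates are common.

```powershell
# Added example (not from the original post): report which antivirus products
# Windows Security Center knows about and, where Microsoft Defender's cmdlets are
# available, how old its definitions are. Read-only; assumes a Windows 8+ client.

$products = @(Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName 'AntiVirusProduct' `
                 -ErrorAction SilentlyContinue)

if ($products.Count -eq 0) {
    Write-Warning 'No antivirus product is registered with Windows Security Center.'
} else {
    # productState is undocumented. ASSUMPTION (commonly used decoding): bit 0x1000 set
    # means real-time protection is enabled, bit 0x10 set means definitions are out of date.
    $products | ForEach-Object {
        [pscustomobject]@{
            Product    = $_.displayName
            Enabled    = (($_.productState -band 0x1000) -ne 0)
            Outdated   = (($_.productState -band 0x10) -ne 0)
            Registered = $_.timestamp
        }
    } | Format-Table -AutoSize

    # The post's rule: exactly one AV at a time.
    if ($products.Count -gt 1) {
        Write-Warning ("{0} antivirus products are registered; run exactly one." -f $products.Count)
    }
}

# Definition freshness for Microsoft Defender, when its module is present on this machine.
if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
    $status = Get-MpComputerStatus
    $age    = (Get-Date) - $status.AntivirusSignatureLastUpdated
    $maxAgeDays = 7   # hypothetical threshold: weekly releases are the common practice per the post
    if ($age.TotalDays -gt $maxAgeDays) {
        Write-Warning ("Defender definitions are {0:N1} days old (version {1}); check that automatic updates are on." `
            -f $age.TotalDays, $status.AntivirusSignatureVersion)
    } else {
        "Defender definitions are current: version {0}, updated {1}" `
            -f $status.AntivirusSignatureVersion, $status.AntivirusSignatureLastUpdated
    }
}
```

If the table shows more than one product, or a product that is neither Enabled nor current, that is the situation the note above warns about: two engines competing for the same files and hooks, or an AV that is installed but not actually updating. For a third-party AV, the Outdated column is the only freshness signal this script has; the vendor's own console will give the exact definition date.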

Technical support can be free or charged. Normally, free technical support is restricted to Knowledge Base (KB) articles and email or chat support. KB articles are a good source of information on known issues and their solutions. Some AV vendors even run support forums, where the solutions come from people like you and me.

Paid support comes in the form of telephone calls. Here too you may have to go through a maze of IVR menus to actually get to talk to an agent. By the time you reach the agent you may be exhausted, and it does not end there: to actually get a solution to your problem you will have to shell out money that may not be worthwhile. The charge for paid support is almost half the product price! (Remember, online search engines such as Google, Yahoo and MSN Search are your friends!)

Last but not least, this write-up would be incomplete without a mention of Open Source vs commercially available AV products. Currently there are not many Open Source products in this space apart from www.Clamwin.com. It's worth a try and better than many free versions of commercial AVs. I had used it briefly on a Virtual Machine running Windows XP and it performed well. For any queries, you can buzz me on Twitter.

How I Passed the CISSP Exam Successfully

Although the idea of taking the CISSP exam had been lurking in my mind for a long time, I could only book the exam on Dec 9th 2008 after a friend of mine did and I decided to jump on the bandwagon too….moral support, you know 🙂 The date scheduled was Jan 31st 2009. From the cccure.org forum it looked as if the average preparation time was 3 months+ minimum, so the race against time to be prepared was ON right from the moment I booked the exam.

I had charted a tentative timetable by allocating roughly 5 days per domain. Although it was difficult to stick to it, it surely helped me in terms of expectations, and in the end I was able to work through it almost per schedule. I relied heavily on Shon Harris's AIO 3rd edition (which I had bought in 2007 but kept procrastinating from studying!) and Ronald Krutz's CISSP Prep Guide Gold Edition. Once I got to know from the cccure.org forum about the differences between the 3rd and 4th editions, I decided to stick to the 3rd edition.

However, my advice would be to go with the 4th edition, as new topics like SAN, Data in Transit, etc. are not covered in the 3rd edition and I remember seeing them in the CISSP Candidate Information Bulletin.

I have about 7 years of experience in IT and Security. My current experience in Technology Risk Management and a previous stint with a startup company were instrumental in understanding the concepts required for Operations Security, Access Control, Physical Security, and Telecom and Network Security, with implementation experience.

Very recently, in November, I had successfully completed the ISO 27001 LA course, and a couple of years back I had done a course in Cryptography from the Indian Institute of Science, Bangalore as part of a continuing education program. Last year, I completed a Diploma in Cyber Law from Mumbai University to get some insight into law in technology. So the build-up was there, but without CISSP in mind.

I have never studied like this in my whole life, including for the 10th and 12th standard, which most people in India consider turning points in one's life, and studying with so much intensity was a long task. My wife, along with our one-and-a-half-year-old kid, decided to go to her parents' place for a month so that I could concentrate properly. So this holiday season was totally bland for me, considering I missed the family, the Christmas vacation and the usual New Year parties!

As for studies, I used to study for a couple of hours every night; towards the last two weeks this increased to 8+ hours as I had taken leave. I would read a complete chapter in the AIO and then take the test at the end of the chapter from both the AIO and the Prep Guide, the mock exam for each chapter that came with the AIO, and the exams here at the cccure.org site. I did find a lot of difference between the AIO questions and the questions on the cccure.org site, and that's because these questions are contributed by folks like us who might have already cleared the CISSP and used their real-life experience in framing them. Towards the end, I did mock exams for each chapter from the cccure.org site, and at the end I also did a mock 6-hour exam with an OCR answer sheet (of a different exam, from Google) that I downloaded from the NET; for this I used the 250 questions from the freepractices.org site to prepare mentally for sitting 6 hours!

I also used the various member-contributed materials like Mike Overly's updated material, Hal Tipton's PDFs, FAQs, Memoirs, etc. apart from the NIST guidelines. All of these, except the NIST guidelines, are available at the cccure.org website.

During Exam:

I had jotted down points from cccure.org's Clement's introductory video on the CISSP exam (I would strongly recommend this to anyone who is interested in taking the CISSP exam) and, based on inputs from various members of this cccure.org forum, I decided to take some fruit juice, a self-made sandwich :), and water to the exam hall, and I somehow sneaked time to have a quick munch apart from three loo breaks. At the exam hall, coffee and tea were made available outside. Although I had taken pencils, a sharpener, erasers and a dictionary, I relied on the pencils provided by ISC2. I wish I had kept one of those pencils as a souvenir!

When I started I wasn't sure about the first 5 questions or so…but then I remembered a suggestion which, though it sounded weird, was to start from the last! Once I was sure of the answers, I would transfer them to the answer sheet, and the ones I had doubts about I would mark in the question paper for later review. I used the full six hours for the exam and wasn't sure that I would make it, and the thought of blowing away INR 28K/550 USD was buzzing in my mind. Later I started to think about the other things I had missed in this time…for the last couple of days I had been thinking about that email from ISC2, and it did arrive on Thursday….I was actually thinking about letting my wife read that email first…but gathered enough courage to see it myself and was glad to see the congratulatory message of passing…at last the efforts had paid off! Thanks to ALL here in this cccure.org forum, my friends and family!

Must-Haves (recommendations) for CISSP:

– CISSP Candidate Information Bulletin from www.ISC2.org
– Check the materials and forums at the www.cccure.org website
– Clement's introductory video on CISSP (I have posted the URL above)
– Shon Harris AIO book(s); the 6th Edition is available from Flipkart.com at a discount
– NIST guidelines
– 5+ years' experience in any of the 10 Domains of the CISSP Common Body of Knowledge. Practical or implementation experience would do a lot of good.

Good Luck and May the Force be with you!

Prasanna