9.3: Protection Methods
Protection Against Malware
The following methods can be used to protect computer systems from malware.
Updates & Patches
It is vital to keep applications and the operating system up to date as attackers are creating new malware daily and finding exploits in weak code.
A patch is a software update with edited code to fix any bugs or security flaws. Patches may need to be installed when errors or weaknesses have been identified by the developers. Video game developers often release patches to fix errors.
Other Methods of Protection
Two Factor Authentication (2FA)
This is a method of confirming someone's identity by requiring two forms of authorisation, such as a password and a pin code sent to a mobile.
Use Malware Removal Tools
Download and install anti-malware applications that will remove infected files for you. Be careful, some software that labels itself as malware removal is actually malware itself.
Staff may be hired to protect important data, for example by guarding server rooms or checking ID badges.
Protection Against Keyloggers
One method is to prevent access to the keyboard port at the back of the computer (e.g. USB port) so others can't connect a physical keylogger to capture key strokes.
Also a firewall could be used to prevent a device driver being installed which would save key strokes into a file for malicious users to view.
Malware and Security Training
Companies should train staff to spot common phishing scams and to only use trusted websites and software manufacturers.
Many companies spend money on training days to teach employees about cyber security to minimise the chance of data loss and corruption.
The following methods of protection are considered in the design, testing and creation stages of developing software.
Secure by Design
This method puts security as the most important concept when creating and designing software.
By focusing on security when designing software there should be less need for later updates and patches and attacks are less likely to succeed.
Too Many Permissions
Apps require permission to use device features (such as the camera or microphone of a smartphone) when they are downloaded. Programmers should only request permission for features that the software requires.
Some malicious apps steal data or spy on users - and the worst part is that you've given permission for it to do it! Users can avoid suspicious apps by reading reviews, checking there are no unnecessary permission requests, only downloading the software you need / will use and uninstall apps if permissions change.
Without SOP an infected website could access personal data or infect a computer with malware by maliciously using the same scripts as other websites you have used. Programmers should set scripting restrictions when creating websites.
Validation with Parameters
A parameter is a measure that is used when validating data, it is usually a range or limit.
For example, the parameters of a length check may be whether the data is between 1 and 10 characters.
Programmers must ensure validation is used on websites with suitable parameters to prevent attacks such as an SQL injection.
9.3 - Protection Methods:
1. Describe the purpose of antivirus software and its different roles. 
2. Describe the purpose of firewalls and its different roles. 
3. What is a patch? Why are they important? 
4. Describe four other methods of protection. 
5a. What is meant by 'secure by design'? 
5b. What are two intended consequences if software is secure by design? 
6. What is a permission? Why should permissions be managed? 
7. What is Same Origin Policy (SOP)? Why is it important? 
8. What is a parameter? Why is validation used when data is input online? 
Antivirus software is used to locate and delete viruses on a computer system. The software scans each file on the computer and compares it against a database of known viruses. Files with similar features to viruses in the database are identified and deleted.
There are thousands of known viruses, but new forms are created each day by attackers, so antivirus software must be regularly updated to keep systems secure.
Other roles of antivirus software:
Checking all incoming and outgoing emails and their attachments.
Checking files as they are downloaded.
Scanning the hard drive for viruses and deleting them.
A firewall manages incoming and outgoing network traffic.
Each data packet is processed to check whether it should be given access to the network by examining the source and destination address.
Unexpected data packets will be filtered out and not accepted to the network.
Other roles of a firewall include:
Blocking access to insecure / malicious web sites.
Blocking certain programs from accessing the internet.
Blocking unexpected / unauthorised downloads.
Preventing specific users on a network accessing certain files.