Mod2 wfbs new starter
-
Upload
ian-thiele -
Category
Technology
-
view
1.612 -
download
3
Transcript of Mod2 wfbs new starter
1Version 1.0 – Trend Micro Confidential
Solution ReadinessSupport Training
Trend Micro Worry-Free Business
Module 2
2Version 1.0 – Trend Micro Confidential
Trend Micro Worry-Free Business Security
Module 2Marketing and Selling WFBS
3Version 1.0 – Trend Micro Confidential
WFBS New Starter Training Course Contents
1. Today´s Threats
2. Product Overview
Module 2 – Marketing and Selling WFBS – Today’s Threats and how WFBS is fighting them
4Version 1.0 – Trend Micro Confidential
Trend Micro Worry-Free Business Security
Chapter 1Today’s Threats
5Version 1.0 – Trend Micro Confidential
You will be able to
1. Describe different malware types and how they have evolved
2. Describe an infection chain involving a botnet
3. Understand the motivation of today’s malware writers
4. Describe the impact of malware in business terms
5. List the things on your PC network you should protect
6. List methods you can use to protect yourself against attacks.
7. Outline a policy for protecting a business network
8. List the features that a good anti-malware product should have
19Version 1.0 – Trend Micro Confidential
Review Question 1.1
• Describe different malware types and how they have evolved• What is the difference between a virus, a network virus and a
worm?
20Version 1.0 – Trend Micro Confidential
Review Question 1.2
• Describe an infection chain involving a botnet• What is the best description of a botnet?
a. A hacker creates a botnet by sending a trojan to Microsoft servers
b. The hacker controls the botnet by inserting a keylog into infected computers
c. A botnet is a collection of network viruses running on a large group of computers
d. A botnet is a group of infected computers controlled by hacker
21Version 1.0 – Trend Micro Confidential
Review Question 1.3
• Understand the motivation of today’s malware writers
• What are the reasons people create malware today compared to for example 5 years ago?
22Version 1.0 – Trend Micro Confidential
Review Question 1.4
• Describe the impact of malware in business terms• What malware variant has caused economic losses amounting
to billions of dollars? Describe the outbreak in general terms.
23Version 1.0 – Trend Micro Confidential
Review Question 1.5
• List the things on your PC network you should protect• Name three things a small business needs to protect. How
would you assign a financial value to each one? Give a rough estimate in euros.
24Version 1.0 – Trend Micro Confidential
Review Question 1.6
• List methods you can use to protect yourself against attacks.
What advice would you give to a non-technical friend or colleague who seems to be suffering from malware attacks? Make a list of actions he or she should carry out. What would be top of the list?
25Version 1.0 – Trend Micro Confidential
Review Question 1.7
• Outline a policy for protecting a business network
What items need to be protected on a small business network? Think in both physical and abstract terms.
26Version 1.0 – Trend Micro Confidential
Review Question 1.8
• List the features that a good anti-malware product should have• Imagine you are trying to convince a friend to use anti-malware
software on his or her computer. What features would you explain? Outline the conversation you would have.
27Version 1.0 – Trend Micro Confidential
Review Answer 1.1
• Describe different malware types and how they have evolved• What is the difference between a virus, a network virus and a
worm?• A Virus is an autonomous piece of malicious code which infects
boot sector or files but cannot spread itself to another computer. Spreads manually via floppy disks, later by email or web download.
• A virus spreading over the network is not strictly a network virus. A Network Virus is a virus which replicates using network protocols such as TCP and HTTP.
• Worm – An example of a a Network Virus. Spreads due to network vulnerabilities, like other Network Viruses it can be identified and blocked by a Firwall.
28Version 1.0 – Trend Micro Confidential
Review Answer 1.2
• Describe an infection chain involving a botnet• What is the best description of a botnet?
d. A botnet is a group of infected computers controlled by hacker
29Version 1.0 – Trend Micro Confidential
Review Answer 1.3
• Understand the motivation of today’s malware writers
Today’s malware writers are a criminal element motivated primarily by money. They steal account information and gain access to bank accounts and then take money from these accounts. They try to remain undetected.
In the past script-kiddies and other hackers were motivated by a desire to “show-off” their hacking skills. They wanted to make a big impact and embarrass prestigious organisations.
30Version 1.0 – Trend Micro Confidential
Review Answer 1.4• Describe the impact of malware in business terms
• What malware variant has caused economic losses amounting to billions of dollars? Describe the outbreak in general terms
NetSky is an example of malware which in 2004 had already caused over 25 billion dollars of damage.
This worm spreads by sending out copies of itself as email attachment using its built-in SMTP engine. It gathers target recipients from certain files found on the affected machine, virtually turning the affected system into a propagation launch pad. Like most mass-mailing worm programs, this worm employs social engineering to get through that most critical barrier to propagation, which is getting the target recipient to open the infected email and execute the attachment.
Malware damages are calculated on the basis of helpdesk support costs, overtime payments, contingency outsourcing, loss of business, bandwidth clogging, productivity erosion, management time reallocation, cost of recovery and software upgrades. Intellectual Property Rights (IPR) violations and customer and supplier liability costs must also be counted
http://www.publictechnology.net/content/698http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_NETSKY.P&Vsect=T#email
31Version 1.0 – Trend Micro Confidential
Review Answer 1.5
• List the things on your PC network you should protect• Examples of such assets include:
– Trade names, logos, or slogans.
– Budgets, business plans, and marketing plans.
– Customer lists or employee information.
– Audio, visual, and documentary content.
– Formulas, designs, or methods.
– Research, and developmental or experimental work.
– Software, databases, and data and source code.
– All other material that can be copyrighted, patented, or trademarked.
http://www.workz.com/content/view_content.html?section_id=531&content_id=5453
32Version 1.0 – Trend Micro Confidential
Review Answer 1.6
• List methods you can use to protect yourself against attacks.
What advice would you give to a non-technical friend or colleague who seems to be suffering from malware attacks? Make a list of actions he or she should carry out. What would be top of the list?
1. Use anti-malware software
2. Turn on a firewall to prevent network viruses
3. Don’t open suspicious emails
4. Don’t provide banking information or credit card details to people requesting them in emails
http://www.ixdownload.com/forums/security/834-how-spot-prevent-being-fooled-email-spam-malware-attacks.html
33Version 1.0 – Trend Micro Confidential
Review Answer 1.7
• Outline a policy for protecting a business network
A Policy is a formal, brief, and high-level statement or plan that embraces an organization’s general beliefs, goals, objectives, and acceptable procedures for a specified subject area.
Policy attributes include the following:
• Require compliance (mandatory)
• Failure to comply results in disciplinary action
• Focus on desired results, not on means of
implementation
• Further defined by standards and guidelineshttp://www.sans.org/reading_room/whitepapers/policyissues/developing-security-policies-protecting-corporate-assets_490
http://www.sans.org/security-resources/policies/Policy_Primer.pdf
34Version 1.0 – Trend Micro Confidential
Review Answer 1.8
• List the features that a good anti-malware product should have
Support for XP, Vista, and 7 (32-bit and 64-bit).
Fast scanning.
Ability to perform full scans for all drives.
Database updates released daily.
Quarantine to hold threats and restore them at your convenience.
Exclude list for the scanner
A small list of extra utilities to help remove malware manually.
Works together with other anti-malware utilities.
Context menu integration to scan files on demand.
Low impact on normal performance of the PC
http://www.malwarebytes.org/mbam.php
36Version 1.0 – Trend Micro Confidential
Trend Micro Worry-Free Business Security
Chapter 2Product Overview
37Version 1.0 – Trend Micro Confidential
You will be able to
1. State the benefits of WFBS
2. Explain how Worry Free provides protection against today's coordinated threats
3. Position the WFBS product within the Trend Micro product range
4. Describe the Client/Server architecture of WFBS
5. Describe the “Smart Protection Network”
6. Describe what’s in Worry Free up to and including version 6 Service Pack 3
75Version 1.0 – Trend Micro Confidential
Review Question 2.1
State the benefits of WFBS
What are the 3 basic benefits of WFBS? Give a simple sales pitch.
76Version 1.0 – Trend Micro Confidential
Review Question 2.2Explain how Worry Free provides protection against today's coordinated threats
1. POP3 Mail Scan in Client/Server Security Agent and IMAP Mail Scan in Messaging Security Agent Protection for Messaging SecurityAgent for Microsoft™ Exchange Servers
2. Antivirus and Anti-spyware Scan Engines along with Pattern Files inClient/Server Security Agent and Messaging Security Agent
3. Firewall in Client/Server Security Agent
4. Web Reputation and TrendProtect in Client/Server Security Agent
5. Behavior Monitoring in Client/Server Security Agent
6. Transaction Protector in Client/Server Security Agent
7. IM Content Filtering in Client/Server Security Agent
8. Firewall in Client/Server Security Agent
PROTECTION
• Match the letters with the numbers
A. Virus/Malware. Virus, Trojans,Worms, Backdoors, and RootkitsSpyware/Grayware. Spyware,Dialers, Hacking tools, Passwordcracking applications, Adware, Jokeprograms, and Keyloggers
B. Virus/Malware and Spyware/Graywaretransmitted through email messagesand spamC. Network Worms/Viruses
D. Intrusions
E. Conceivably harmful Websites/Phishing sites
F. Malicious behaviour
G. Fake access points
H. Explicit/restricted content in IMapplications
THREAT
77Version 1.0 – Trend Micro Confidential
Review Question 2.3
Position the WFBS product within the Trend Micro product range
What are the benefits of Worry Free Remote Manager?
78Version 1.0 – Trend Micro Confidential
Review Question 2.4Describe the Client/Server architecture of WFBS
G
A
B C D E F
• Pick out the false statements:• In a typical configuration with WFBS 6 SP3 installed on all computers
1. A sends pattern updates to B – G only2. G has a Client Server Security Agent3. B accesses the Client database on G using HTTP4. G sends pattern updates to B – F5. A accesses the Client database on A using HTTP6. B - G access the Client database on A using HTTP7. G has a Messaging Security Agent8. A has a Client Server Security Agent
Windows 2008 server
Windows XP and Win 7 PCsExchange Server
79Version 1.0 – Trend Micro Confidential
Review Question 2.51. Describe the “Smart Protection Network”
What are two key benefits of the Smart Protection Network?
80Version 1.0 – Trend Micro Confidential
Review Question 2.6Describe what’s in WFBS up to and including version 6 Service Pack 3
A Protects users when working on the Internet
B Protects users when working wirelessly
C Protects users when working out of the office
D Protects users against viruses regardless of location
E Protects users when chatting
F Protects users when doing online banking
1 Web reputation
4 Wi Fi Advisor
7 Location Awareness
2 Behaviour Monitoring
3 IM Protection
6 Smart and Conventional Scan
5 Transaction Protect
81Version 1.0 – Trend Micro Confidential
Review Question 2.7Describe what’s in WFBS up to and including version 6 Service Pack 3
What’s the difference between URL filtering and Web Reputation
82Version 1.0 – Trend Micro Confidential
Review Answers 2.1
What are the 3xS benefits of WFBS?
82
Trend Micro Worry-Free Business Security Advanced (WFBS) protects small business
users and assets from data theft, identity theft, risky Web sites, and spam. Powered by
the Trend Micro™ Smart Protection Network, Worry-Free Business Security Advanced
is:
• Safer:
Stops viruses, spyware, spam, and Web threats from reaching computers or
servers. URL filtering blocks access to risky Web sites and helps improve user
productivity.
• Smarter:
Fast scans and continuous updates prevent new threats, with minimal
impact to users’ PCs.
• Simpler:
Easy to deploy and requiring zero administration, WFBS detects threats
more effectively so that you can focus on business instead of security.
83Version 1.0 – Trend Micro Confidential
Review Answer 2.22. Explain how Worry Free provides protection against today's
coordinated threats
83
A 2B 1C 3D 8E 4F 5G 7
84Version 1.0 – Trend Micro Confidential
Review Answer 2.3
Position the WFBS product within the Trend Micro product range
What are the benefits of Worry Free Remote Manager?
Resellers now have the option to install a Worry-Free Remote Manager Agent that allows them to remotely manage a number of WFBS Security Server and HES installations on behalf of different customers.
85Version 1.0 – Trend Micro Confidential
Review Answer 2.4
G
A
B C D E F
• Pick out the false statements:• In a typical configuration with WFBS 6 SP3 installed on all computers
1. A sends pattern updates to B – G only F2. G has a Client Server Security Agent T3. B accesses the Client database on G using HTTP F4. G sends pattern updates to B – F F5. A accesses the Client database on A using HTTP T6. B - G access the Client database on A using HTTP T7. G has a Messaging Security Agent T8. A has a Client Server Security Agent T
Windows 2008 server
Windows XP and Win 7 PCsExchange Server
86Version 1.0 – Trend Micro Confidential
Review Answer 2.51. Describe the “Smart Protection Network”
What are two key benefits of the Smart Protection Network?
Stronger, Faster Protection. Lighter on Your System Resources.
The Trend Micro Smart Protection Network lightens the demand on your system resources by leveraging cloud-based technology to block Web threats before they even reach you, providing stronger protection while reducing your reliance on time-consuming signature-downloads.
Better Together Security.
The Trend Micro Smart Protection Network is constantly updated and strengthened as more users access the network, providing "better together" security.
http://emea.trendmicro.com/emea/technology/smart-protection-network/key-benefits/
87Version 1.0 – Trend Micro Confidential
Review Answers 2.6
A Protects users when working on the Internet
B Protects users when working wirelessly
C Protects users when working out of the office
D Protects users against viruses regardless of location
E Protects users when chatting
F Protects users when doing online banking
1 Web reputation
3 IM Protection
7 Location Awareness
2 Behaviour Monitoring
4 Wi Fi Advisor
6 Smart and Conventional Scan
5 Transaction Protect
Describe what’s in WFBS up to and including version 6 Service Pack 3
88Version 1.0 – Trend Micro Confidential
Review Answer 2.7Describe what’s in WFBS up to and including version 6 Service Pack 3
What’s the difference between URL filtering and Web Reputation
URL Filtering WFBS 6.0’s URL Filtering feature lets administrators control access to websites based on their rating. Filter strength can be set to high, medium, low, or custom settings, and by business and leisure hours.
Web Threat Protection Uses the latest Web Reputation technology to assess the security risk of all Web URL requests. Web Threat Protection stops malware real-time, at the source, before it can be downloaded from the Internet. Unique to Trend Micro. 5.1: Enhanced feedback loop mechanism for unknown Web threats, part of the Smart Protection Network.
89Version 1.0 – Trend Micro Confidential
Exercise
• Try the Trend Micro recommender – see if you can get it to recommend you use Worry Free:
http://recommender.trendmicro-europe.com/