What specific software can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus?

Z6_M0I02JG0KGSS30ACT8MPG200G1

Application patch management : Any software is inherently prone to vulnerabilities. Therefore, software manufacturers provide updates or patches to the software from time to time. These updates usually take care of any known vulnerabilities. Therefore, it is important to apply these updates. Additional functionality is also one of the reasons for applying software updates. However, many times, it is not the compelling reason to apply the updates.

4.2 Carry out appropriate procedures to establish host security

In addition to protecting the hardware, the operating system on the host must also be protected. This can be achieved through a five-step process:

1. 1. Develop the security policy.

2. 2. Perform host software baselining.

3. 3. Configure operating system security and settings.

4. 4. Deploy the settings.

5. 5. Implement patch management.

Operating system software has continued to add security protections to its core set of features. In addition, there are third-party anti-malware software packages that can provide added security.

Anti-Virus : This software can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus this action is performed when files are opened, created, or closed. If a virus is detected, options generally include cleaning the file of the virus, quarantining the infected fire, or deleting the file. Anti-virus scan files by attempting to match known virus patterns or signatures against potentially infected files. Software contains a virus scanning engine and a regularly updated signature file. The Anti-virus software vendor extracts a sequence of bytes found in the virus as a virus signature. Signatures from all the different computer viruses are organized in a database, which the virus scanning engine uses to search predefined areas of files.

Anti-Spam : Spammers can distribute malware through their e-mail messages as attachments and use spam for social engineering attacks. Different methods for filtering spam exist on the host to prevent it from reaching the user. One method of spam filtering is to install separate filtering software that works with the e-mail client software. Host e-mail clients can be configured to filter spam, such as creating or downloading a list of senders from which no e-mail is to be received (blacklist), create a list from which only e-mail can be received,or block e-mail from entire countries or regions.

Pop-up Blockers and Anti-Spyware : A pop-up is a small Web browser window that appears over the Web site that is being viewed. Most pop-up windows are created by advertisers and launch as soon as a new Web site is visited. A pop-up blocker can be either a separate program or a feature incorporated within a browser that stops pop-up advertisements from appearing. As a separate program, pop-up blockers are often part of a package known as anti-spyware that helps prevent computers from becoming infected by different types of spyware.

Host-based firewalls : A firewall can be software-based or hardware-based. A host-based software firewall runs as a program on a local system to protect it against attacks.

Application patch management : Any software is inherently prone to vulnerabilities. Therefore, software manufacturers provide updates or patches to the software from time to time. These updates usually take care of any known vulnerabilities. Therefore, it is important to apply these updates. Additional functionality is also one of the reasons for applying software updates. However, many times, it is not the compelling reason to apply the updates.

Hardware security : Hardware security is the physical security that involves protecting the hardware of the host system, particularly portable laptops, netbooks, and tablet computers that can easily be stolen.

A cable lock can be inserted into a slot in the device and rotated so that cable lock is secured to the device, while a cable connected to the lock can then be secured to a desk or chair.

When storing a laptop, it can be placed in a safe, which is a ruggedized steel box with a lock. The sizes typically range from small (to accommodate one laptop) to large (for multiple devices).

Locking cabinets can be prewired for electrical power as well as wired network connections. This allows the laptops stored in the locking cabinet to charge their batteries and receive software updates while not in use.

Secure Mobile Devices

Screen lock : Uses a password to lock the device. This prevents a thief from using a stolen device.

Proximity lock : Automatically locks your mobile device or smart-phone when you are away from the phone. It uses a proximity sensor that you may personally carry such as a blue tooth device. Strong password. Any time a password is used to protect a mobile device (or any device or system), it should be strong. This means they are at least eight characters and include multiple character types, such as upper case, lower case, numbers, and symbols. Data encryption. Encryption protects the confidentiality of data and smart-phone security includes device encryption to protect the data against loss of confidentiality. It's possible to selectively encrypt some data on a system, an entire drive, or an entire device.

Remote wipe : Remote wipe capabilities are useful if the phone is lost. The owner can send a remote wipe signal to the phone to delete all the data on the phone. This also deletes any cached data, such as cached online banking passwords, and provides a complete sanitization of the device, ensuring that all valuable data is removed.

Voice encryption : It's possible to use voice encryption with some phones to help prevent the interception of conversations Global positioning system (GPS) tracking. A GPS pinpoints the location of the phone. Many phones include GPS applications that you can run on another computer. If you lose your phone, GPS can help you find it. If the data is sensitive, you use remote wipe feature to erase the data on the mobile. This is useful to know before you send a remote wipe signal.

Cable locks can secure a mobile computer. They often look about the same as a cable lock used to secure bicycles. Locked cabinet. Small devices can be secured within a locked cabinet or safe. When they aren't in use, a locked cabinet helps prevent their theft.

Strong password : Any time a password is used to protect a mobile device (or any device or system), it should be strong. This means they are at least eight characters and include multiple character types, such as upper case, lower case, numbers, and symbols.

Antivirus software is a class of program designed to prevent, detect and remove malware infections on individual computing devices, networks and IT systems.

Antivirus software, originally designed to detect and remove viruses from computers, can also protect against a wide variety of threats, including other types of malicious software, such as  keyloggers, browser hijackers, Trojan horses, worms, rootkits, spyware, adware, botnets and ransomware.

How antivirus software works

Antivirus software typically runs as a background process, scanning computers, servers or mobile devices to detect and restrict the spread of malware. Many antivirus software programs include real-time threat detection and protection to guard against potential vulnerabilities as they happen, as well as system scans that monitor device and system files looking for possible risks.

Antivirus software usually performs these basic functions:

• Scanning directories or specific files for known malicious patterns indicating the presence of malicious software;
• Allowing users to schedule scans so they run automatically;
• Allowing users to initiate new scans at any time; and
• Removing any malicious software it detects. Some antivirus software programs do this automatically in the background, while others notify users of infections and ask them if they want to clean the files.

In order to scan systems comprehensively, antivirus software must generally be given privileged access to the entire system. This makes antivirus software itself a common target for attackers, and researchers have discovered remote code execution and other serious vulnerabilities in antivirus software products in recent years.

Types of antivirus programs

Antivirus software is distributed in a number of forms, including stand-alone antivirus scanners and internet security suites that offer antivirus protection, along with firewalls, privacy controls and other security protections.

Some antivirus software vendors offer basic versions of their products at no charge. These free versions generally offer basic antivirus and spyware protection, but more advanced features and protections are usually available only to paying customers.

While some operating systems are targeted more frequently by virus developers, antivirus software is available for most OSes:

• Windows antivirus software. Most antivirus software vendors offer several levels of Windows products at different price points, starting with free versions offering only basic protection. Users must start scans and updates manually and typically free versions of antivirus software won't protect against links to malicious websites or malicious attachments in emails. Premium versions of antivirus software often include suites of endpoint security tools that may provide secure online storage, ad blockers and file encryption. Since 2004, Microsoft has been offering some kind of free antivirus software as part of the Windows operating system itself, generally under the name Windows Defender, though the software was mostly limited to detecting spyware prior to 2006.
• macOS antivirus software. Although macOS viruses exist, they're less common than Windows viruses, so antivirus products for macOS are less standardized than those for Windows. There are a number of free and paid products  available, providing  on-demand tools to protect against potential malware threats through full-system malware scans and the ability to sift through specific email threads, attachments and various web activities.
• Android antivirus software. Android is the world's most popular mobile operating system and is installed on more mobile devices than any other OS. Because most mobile malware targets Android, experts recommend all Android device users install antivirus software on their devices. Vendors offer a variety of basic free and paid premium versions of their Android antivirus software including anti-theft and remote-locating features. Some run automatic scans and actively try to stop malicious web pages and files from being opened or downloaded.

Virus detection techniques

Antivirus software uses a variety of virus detection techniques.

Originally, antivirus software depended on signature-based detection to flag malicious software. Antivirus programs depend on stored virus signatures -- unique strings of data that are characteristic of known malware. The antivirus software uses these signatures to identify when it encounters viruses that have already been identified and analyzed by security experts.

Signature-based malware cannot detect new malware, including variants of existing malware. Signature-based detection can only detect new viruses when the definition file is updated with information about the new virus. With the number of new malware signatures increasing at around 10 million per year as long ago as 2011, modern signature databases may contain hundreds of millions, or even billions, of entries, making antivirus software based solely on signatures impractical. However, signature-based detection does not usually produce false positive matches.

Heuristic-based detection uses an algorithm to compare the signatures of known viruses against potential threats. With heuristic-based detection, antivirus software can detect viruses that haven't been discovered yet, as well as already existing viruses that have been disguised or modified and released as new viruses. However, this method can also generate false-positive matches when antivirus software detects a program behaving similarly to a malicious program and incorrectly identifies it as a virus.

Antivirus software may also use behavior-based detection to analyze an object's behavior or potential behavior for suspicious activities and infers malicious intent based on those observations. For example, code that attempts to perform unauthorized or abnormal actions would indicate the object is malicious, or at least suspicious. Some examples of behaviors that potentially signal danger include modifying or deleting large numbers of files, monitoring keystrokes, changing settings of other programs and remotely connecting to computers.