Scribd
Upload
38 views

Contributed 7

Uploaded by

Fares Salman
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
38 views

Contributed 7

Uploaded by

Fares Salman
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Contributed 6/9/99 by Matthew M.

Dudkowski
<[email protected]> Virus Detection Audit
Program Prepared By ___ Date____________ Engagement
Team Name Initials I. Planning 1. Schedule an
opening meeting with the appropriate MIS management
for the area under audit to discuss the scope and
approach for the audit. 2. Prepare an audit program
and time budget. 3. Review the scope and audit
program with management prior to beginning field
work. II. Anti-virus Software 1. Obtain corporate
anti-virus policy. This should identify the
following: a) Policy definition and dissemination
b) Education for end users on how to use the
software c) Education and training of network
administrators and help desk personnel d)
Procedures end-users must take when a virus is
detected 2. Obtain an understanding of the current
network architecture and design by acquiring a copy
of the network map for all locations. Identify all
network resources where computer viruses could
potentially enter the Client Intranet either
internally or via the Internet. This include the
following: a) e-mail attachments from within and
outside of the company b) employees bringing in an
infected diskette from home c) employees bringing
in shrink wrapped software from a vendor that has
been infected at the factory. d) contractors
bringing in infected disks from the outside
Evaluate whether networks are vulnerable to
computer viruses, worms, or other kinds of security
threats. 3. Select a sample of internal PCs and
validate that anti-virus protection software is
installed at the desktop level. Verify that the PC
is running the latest version of the anti-virus
protection software. 4. Select a sample of internal
PCs and run the anti-virus protection software
noting if any PCs have infected files. 5. Select a
number of public network drives and run the anti-
virus detection software noting if any network
servers have infected files. 6. Obtain an
understanding of the UNIX environment, specifically
in regards to storage of files for the PC
environment. a) inquire as to the procedures of
scanning files for viruses which are stored on UNIX
servers 7. Evaluate security concerning the Windows
NT Viruswall server a) Choose File Manager then
select Disk Administrator to make sure the server
is using NTFS as its file allocation scheme. If it
uses FAT in any disk partition, it is not secured.
b) Check built in accounts (Administrator etc.)
Review policies (length of passwords, expiration
period, etc.) Review built in group memberships
(Dumpall utility) Review rights for all accounts.
c) Check "users" rights and permissions. (use the
Dumpall utility). d) Evaluate security features of
the antivirus application residing on the Viruswall
server. e) Determine which services are running on
the NT server. f) Determine if the most current
version of the virus signatures are loaded on the
VirusWall.

You might also like