How to Manual Unit 9 - Maintenance and Troubleshooting

Essay by creep69 January 2010


Unit 9: "Maintenance and Troubleshooting"

1. List and describe the eight virus types. Be sure to include information about how they are spread, and potential damage they can cause.

(1.) BIOS virus - This virus is designed to attack computers with Flash BIOS. Potential damage includes rewriting the BIOS code so the computer does not boot.

(2.) Boot sector (MBR) virus - These viruses spread whenever the user boots off a disk. The virus replaces or alters information in boot sectors or in the Master Boot Record.

(3.) File virus - Replaces or attaches itself to a file that has a COM or EXE extension (executable file). It can be triggered by a particular event such as a date, load into RAM, and affect other COM or EXE files. By attaching itself to this type of file, a virus can prevent the program from starting or operating properly.

(4.) Macro virus - Written in a specific language and attaches itself to a document created in a specific application (Excel or Word).

Once the infected document is opened and loaded into memory, the virus can attach itself to other documents.

(5.) Trojan horse program - Before a Trojan horse program can attack, it must first find a way to entice the victim to copy, download and run it. Because few people knowingly run a malicious program, Trojan horses must disguise themselves as other programs that the victim believes to be harmless (games, utilities, or popular applications). A Trojan can access files, folders, or your entire system. Trojans create a "backdoor" or a "trapdoor," which can be used to send your personal information to a hacker at another location for use at a later date.

(6.) Stealth virus - When an antivirus program runs, a stealth virus hides itself in memory and uses various tricks to also hide changes it has made to any files or boot records. The virus may maintain a copy of the original, uninfected data and monitor system activity. When the program attempts to access data that has been altered, the virus redirects it to a storage area maintaining the original, uninfected data.

(7.) Polymorphic virus - A virus that changes its virus signature (binary pattern) every time it replicates and infects a new file in order to keep from being detected by an antivirus program. Every time it infects a legit executable file it does so by altering the appended malicious code, in order to avoid antivirus detection. It is also able to append its code at random locations inside the legit executable, a technique called mid-infecting.

(8.) Worm virus - This is a program which copies itself across a network. A computer worm can spread without a host program, although some modern computer worms also use files to hide inside. A worm virus is a malicious software program that can either slow your system down to a crawl or disable it completely. A worm virus can even freeze or disable entire servers.

2. Describe the purpose of the system restore utility and explain how and when it is used.

System Restore's purpose is to return your system to a workable state without requiring a complete reinstallation and without compromising your data files. The utility runs in the background and automatically creates a restore point when a trigger event occurs. Trigger events include application installations, auto update installations, utility recoveries, and manual creations of restore points. The utility also creates restore points once a day by default.

3. Explain how to find the latest error codes for your motherboard.

I do not know, because I cannot find my own.

4. List at least four tips you might suggest to a user after a repair.

(1.) Every now and then, make a restore point manually.

(2.) Always make a restore point before installing new software. In addition to new software, also make a restore point before installing a new version of existing software and prior to installing bug fixes (patches and updates).

(3.) Start the machine and use the F8 key to start the "Windows Advanced Options menu" just as if you were going into safe mode. Then choose the option to boot to "Safe Mode with Command Prompt". This disables more of Windows than regular Safe Mode does.

(4.) Try booting to "Safe Mode with Command Prompt" now, while everything is working correctly.

5. Explain how to identify, prevent, and troubleshoot virus problems.

(1.) Identifying a virus: Try a scan in safe mode; that should handle most any infection. You can visit an online scan to see if you have anything worse. Another thing to consider is your refresh rate. Since your icons seem to have little or no info as they appear, could there be things running in the background consuming machine cycles and slowing down your refresh rate?

(2.) Preventing a virus: Install a current version of an anti-virus software program (Norton Anti-Virus or McAfee Virus-Scan), and keep the virus information file up to date so that the software can recognize new viruses as they appear. Automate the process of updating the virus information, so that your anti-virus software will maintain itself once you install and configure it properly.

(3.) Troubleshooting a virus: (A.) Identify the threat, (B.) Identify the computers infected, (C.) Quarantine the computers infected, (D.) Clean the computers infected, and (E.) Determine infection vector and prevent recurrence.

6. Identify the four procedures for maintaining your operating system. Explain why they are important.

(1.) Scan and remove viruses from your hard drive.

By scanning for viruses, a user avoids losing the files, drives or programs that a virus would otherwise destroy, and with them all the data on their OS.

(2.) Use disk cleanup to remove unwanted files from your hard drive.

Disk cleanup is used to remove files that are not in use anymore (temporary internet files).

(3.) Use disk defragmenter to reorganize your file structure on the hard drive.

Files become fragmented because of the way clusters are re-used and allocated on a hard disk. If you delete a file that takes up two clusters, and then write a file that takes four, the new file might be split: two clusters where the old file was, and two clusters somewhere else entirely. Multiply that scenario by thousands of file operations and deletions on your disk every day, with much larger files, and you can see that fragmentation can add up very quickly. The result is your machine gradually slowing down.

(4.) Activate Windows firewall to keep computer hackers from accessing your computer.

Windows Firewall is a host-firewall technology that inspects and filters all IP version 4 and IP version 6 network traffic. As a firewall, Windows Firewall tracks the state of each network connection and determines whether unsolicited incoming traffic should be allowed or dropped. Windows Firewall blocks incoming traffic unless the traffic is a response to a request by the host (solicited traffic) or it is specifically allowed.
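The allow-or-drop decision described above can be modelled in a few lines. This is an added example, not Windows Firewall's own code: the `HostFirewall` class, its method names and the documentation-range addresses are all assumptions made for illustration.

```python
# Added example: a toy model of stateful inbound filtering.
# Class, method names and addresses are hypothetical, chosen for this illustration.

class HostFirewall:
    def __init__(self, allowed_inbound_ports=()):
        # Exceptions: local ports where unsolicited inbound traffic is specifically allowed.
        self.allowed_inbound_ports = set(allowed_inbound_ports)
        # State table of connections the host itself opened,
        # keyed by (protocol, local port, remote ip, remote port).
        self.state = set()

    def outbound(self, proto, local_port, remote_ip, remote_port):
        """The host sends a request; remember it so the reply can come back."""
        self.state.add((proto, local_port, remote_ip, remote_port))

    def close(self, proto, local_port, remote_ip, remote_port):
        """The connection ended; later packets on it are unsolicited again."""
        self.state.discard((proto, local_port, remote_ip, remote_port))

    def inbound(self, proto, remote_ip, remote_port, local_port):
        """Decide what to do with a packet arriving from the network."""
        if (proto, local_port, remote_ip, remote_port) in self.state:
            return "allow: solicited reply"
        if local_port in self.allowed_inbound_ports:
            return "allow: exception rule"
        return "drop: unsolicited"


def demo_decisions():
    """Run a constructed sequence of packets and return the decisions."""
    fw = HostFirewall(allowed_inbound_ports={3389})
    fw.outbound("TCP", 50123, "198.51.100.5", 443)            # host opens an HTTPS session
    decisions = [
        fw.inbound("TCP", "198.51.100.5", 443, 50123),        # the server's reply
        fw.inbound("TCP", "198.51.100.5", 443, 50124),        # same server, wrong local port
        fw.inbound("TCP", "203.0.113.9", 51000, 445),         # stranger probing file sharing
        fw.inbound("TCP", "203.0.113.9", 51000, 3389),        # port opened by an exception
    ]
    fw.close("TCP", 50123, "198.51.100.5", 443)
    decisions.append(fw.inbound("TCP", "198.51.100.5", 443, 50123))  # late packet after close
    return decisions


if __name__ == "__main__":
    for decision in demo_decisions():
        print(decision)
```
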

7. Explain the steps to maintain and update antivirus software.

(1.) This is the most critical action one can take to reduce the likelihood of an attack. Check all servers at least weekly for compliance with respect to all available Service Packs, patches and hot fixes. Once a bug or vulnerability is made public, hackers begin to search for systems that have not been "patched". The possibility of an attempted assault increases with each passing day.

(2.) Verify that all users have strong passwords. The only thing standing between a potential intruder and complete control of your server is your administrator enabled account password(s). If an attacker can obtain the password for an account with administrator privileges, they can do anything. Each and every account with administrator rights should have a strong password. Individual user accounts should also have strong passwords, but there are human factors which may limit your ability to enforce stricter password policies on the average user.

(3.) Provide at least a minimum level of physical security for all servers. Every server should be behind a locked door with access limited to only those individuals who have a legitimate need for access. When there is no one working at the server console, the console session should be either logged out or "locked" so that a password is required to gain access. The server room should be arranged in a way that people outside the room cannot see the keyboard (thus seeing users/admin passwords). Written evidence of user IDs and passwords should not be left lying around the server room.

(4.) Implement backup procedures for all systems. Create and maintain backup copies of at least the data files on all servers. Backups should be created regularly using well-conceived procedures that should include some form of off-site storage of backup media in case of loss of the facility. Create and maintain a current Emergency Repair Disk (ERD) for all systems. Regularly test your restore procedures to verify that your backups are valid and restorable.

(5.) Use up-to-date anti-virus software. Anti-virus software on a server may not stop hacking attempts, but it can detect many of the "Trojan horse" programs that hackers often use to "sneak" into your systems. After installing anti-virus software, be sure that you routinely update the virus information to ensure that the software will be able to detect all viruses, including the most recently discovered ones.

(6.) Block access to/from any unnecessary TCP/UDP (Transmission Control Protocol/User Datagram Protocol) ports. Use whatever means at your disposal to block access to the ports on your server that there is no legitimate use for. The most common and effective way to block access to these ports is the use of a firewall. Firewalls can be separated into two categories:

• Personal Firewall - A "personal" firewall can be installed on the server itself and can be extremely effective at blocking unwanted traffic to and from your server.

• Network Firewall - This type of firewall is placed on the campus network, between your server and the "rest of the world". The network firewall's job is to block access to/from any particular port on your server. Computing and Communications will offer a firewall "service" in the next few months.
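Before blocking unnecessary ports, you need a list of what the server is actually listening on. The following added example (not part of the original essay) parses output in the layout of `netstat -ano` on Windows and reports listeners that a policy does not list; the sample output, the `ALLOWED` policy and the function names are constructed for illustration.

```python
# Added example: flag listening ports that are not on an approved list.
# SAMPLE_NETSTAT is constructed sample output in the layout of `netstat -ano`.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING       2310
  TCP    192.0.2.10:49712       203.0.113.7:443        ESTABLISHED     5120
  TCP    [::]:3389              [::]:0                 LISTENING       1088
  UDP    0.0.0.0:161            *:*                                    2044
"""

# Hypothetical policy for a web server: only these (protocol, port) pairs are needed.
ALLOWED = {("TCP", 80), ("TCP", 443)}
# Listeners bound only to loopback are not reachable from the network.
LOOPBACK = {"127.0.0.1", "[::1]"}


def listening_endpoints(netstat_text):
    """Return (proto, address, port, pid) for every socket accepting traffic."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] not in ("TCP", "UDP"):
            continue  # title, column header or blank line
        proto, local, pid = fields[0], fields[1], fields[-1]
        # TCP rows carry a state column; UDP rows have none and are always bound.
        if proto == "TCP" and fields[3] != "LISTENING":
            continue
        address, _, port = local.rpartition(":")  # rpartition keeps "[::]" intact
        found.append((proto, address, int(port), int(pid)))
    return found


def unnecessary_ports(netstat_text, allowed=ALLOWED):
    """Network-reachable listeners that the policy does not list."""
    return [
        ep for ep in listening_endpoints(netstat_text)
        if ep[1] not in LOOPBACK and (ep[0], ep[2]) not in allowed
    ]


if __name__ == "__main__":
    for proto, address, port, pid in unnecessary_ports(SAMPLE_NETSTAT):
        print(f"review and block or disable: {proto} {address}:{port} (PID {pid})")
```

The PID column identifies the owning process, so each flagged port can be traced to a service that is either disabled or covered by a firewall rule.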
