Security Basics mailing list archives
Re: Antivirus- A Corrective Control?
From: Sven von Kreyfeld <Sven_vonKreyfeld () symantec com>
Date: Wed, 10 Aug 2011 16:32:06 +0100
Classical Signature based AV is always a reactive and not a proactive technology. You need to have a signature to detect possible malware. Corrective usually would mean that you correct an action in order to avoid a damage (but malware on a machine or file is already a damage). Preventiv would not allow an infection of a file or machine e.g. system hardening. So I would say AV is always a corrective Control Best regards / Mit freundlichen Grüßen --------------------------------------------------------------------------- - Sven von Kreyfeld (CISSP,MCP,CCSK,ITIL) - Presales Consultant Office: +49-2102-7453828 - Mobile: +49-172-2197042 Email : Sven_vonKreyfeld () symantec com <applewebdata://A3FD7F1A-AECB-4A82-96D1-AA4333DD2CBD/Sven_vonKreyfeld@syman tec.com> Symantec (Deutschland) GmbH - Kaiserswertherstrasse 115 - D-40880 Ratingen Headquarter/Geschäftssitz: Symantec (Deutschland) GmbH-Wappenhalle-Konrad-Zuse-Platz 2-5, D-81829 München Geschäftsführer/Managing Directors: Andreas Zeitler, Austin McCabe, Kristen Laubscher Registriert unter Amtsgericht München/Registered at Regional Court Munich, HRB 148165 This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Exklusive Informationen für Öffentliche Auftraggeber: http://www.emea.symantec.com/oeffentliche-verwaltung/ Am 10.08.11 09:15 schrieb "kartik.netsec () gmail com" unter <kartik.netsec () gmail com>:
Hi, I have a confusion whether Antivirus is a Preventive control or a Corrective control? I am preparing for CISSP and somewhere I have read that AV is a corrective control. I somehow disagree with this point. I believe AV can only be a corrctive control if the machine (without AV) gets infected and then AV software is installed on it. On the other hand, a machine already having an AV installed should be taken as a Preventive control. Any inputs please? Thanks, Kartik ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f7 27d1 ------------------------------------------------------------------------
Attachment:
smime.p7s
Description:
Current thread:
- Antivirus- A Corrective Control? kartik . netsec (Aug 10)
- Re: Antivirus- A Corrective Control? Todd Haverkos (Aug 10)
- Re: Antivirus- A Corrective Control? Sven von Kreyfeld (Aug 10)
- RE: Antivirus- A Corrective Control? Omar Salvador Alcalá Ruiz (Aug 10)
- RE: Antivirus- A Corrective Control? Mikesch, David A (Aug 10)
- RE: Antivirus- A Corrective Control? David Gillett (Aug 10)
- <Possible follow-ups>
- Re: Antivirus- A Corrective Control? Sandeep Cheema (Aug 10)
- Re: Antivirus- A Corrective Control? Todd Haverkos (Aug 10)
- Re: Antivirus- A Corrective Control? Femi Mogaji (Aug 10)
- Re: Antivirus- A Corrective Control? Jay Scalf (Aug 10)
- RE: Antivirus- A Corrective Control? Ong Chin Ching (Aug 11)
- RE: Antivirus- A Corrective Control? Mikhail A. Utin (Aug 11)
- Re: Antivirus- A Corrective Control? Todd Haverkos (Aug 10)
- Re: Antivirus- A Corrective Control? gold flake (Aug 11)