Know and understand the operation of removing/quarantining viruses using up to date software

ResourcesSubject NotesInformation Communication Technology ICTLesson Plan
ICT 0417 – Networks and \cdot irus Management

Networks and the Effects of Using Them

Objective

Know and understand the operation of removing/quarantining viruses using up‑to‑date software.

1. What is a Computer \cdot irus?

A computer virus is a malicious program that can replicate itself and spread from one computer to another, often without the user’s knowledge. In a networked environment, viruses can travel quickly between connected devices.

2. How \cdot iruses Spread in Networks

  • File sharing (e.g., shared folders, removable media)
  • Email attachments and links
  • Web downloads and compromised websites
  • Network services (e.g., SMB, FTP)
  • Exploiting unpatched vulnerabilities

3. Functions of Antivirus/Anti‑Malware Software

Function Description
Real‑time scanning Monitors files and processes as they are accessed or executed.
Signature‑based detection Matches code fragments against a database of known virus signatures.
Heuristic analysis Identifies suspicious behaviour or code patterns that may indicate new threats.
Behaviour monitoring Tracks program actions (e.g., unexpected file encryption) and blocks harmful activity.
Cloud‑based lookup Queries remote servers for the latest threat information, reducing the need for frequent local updates.
Quarantine Isolates suspected files in a secure area where they cannot harm the system.
Automatic updates Downloads new virus definitions and software patches regularly.

4. Steps to Remove or Quarantine a \cdot irus

  1. Ensure the antivirus software is up to date. Run the update function before scanning.
  2. Perform a full system scan. Allow the program to examine all files, including hidden and system files.
  3. Review the scan results. Identify files marked as infected, suspicious, or potentially unwanted.
  4. Quarantine the infected files. Move them to the quarantine folder so they cannot execute.
  5. Delete or repair.
    • If a clean backup exists, restore the original file.
    • If no backup is available, delete the file permanently.
  6. Restart the computer in safe mode (if required). Some malware may only be removable when the operating system is running with minimal services.
  7. Run a second scan. Confirm that no further threats remain.
  8. Update all software. Apply the latest patches for the operating system and installed applications.
  9. Document the incident. Record the type of virus, how it entered the network, and the actions taken.

5. Best Practices for Keeping Antivirus Software Up to Date

  • Enable automatic definition updates.
  • Schedule regular full scans (e.g., weekly).
  • Use reputable security suites that include firewall and anti‑phishing tools.
  • Maintain a reliable backup strategy (offline or cloud) to restore clean versions of files.
  • Educate users about safe browsing, email handling, and the risks of downloading unknown files.

6. Impact of Networks on \cdot irus Management

In a networked environment, the speed and reach of a virus can be dramatically increased, but the same network can also be used to distribute protection quickly.

Network Effect Positive Impact Negative Impact
Centralised updates All computers receive the latest antivirus definitions simultaneously. If the update server is compromised, malware can be spread.
Shared resources Quarantined files can be isolated on a dedicated server. Infected files on shared drives can infect multiple users.
Network monitoring Intrusion detection systems can spot unusual traffic patterns. Encrypted traffic may hide malicious activity.
Remote assistance IT staff can clean infected machines without physical access. Remote tools can be hijacked by attackers.

7. Suggested Diagram

Suggested diagram: Flowchart showing the virus removal process from detection to quarantine, repair/delete, and system verification.