14 THINGS TO CHEK WHEN A SYSTEM GETS COMPROMISED
THESECMASTER
Information security is a very crucial aspect in business management that has always remained at risk of attack. Once a system is compromised, it loses its confidentiality, integrity, and, at times, availability which damages normal business processes. We have listed 14 things to check when a system gets compromised.
* #1. Check For Unusual Accounts Created, Especially In The Administrator’s Group
* #2. Check For Unusual Big Files On The Storage, Bigger Than Five GB
* #3. Check For Any Unusual Files Added Recently In System Folders
* #4. Check For Files Using The “Hidden” Attribute Property
* #5. Check For Unusual Programs Launched At Boot Time In The Windows Registry
Contents :
#6. Check All Running Processes For Unusual/Unknown Entries, Especially Processes With Username “System” And “Administrator.”
* #7. Check User’s Autostart Folders
* #8. Check For Unusual/Unexpected Network Services Installed And Started
* #9. Check For Unusual Network Activity
* #10. Check At The Opened Sessions On The Machine
* #11. Check For Unusual Automated Tasks
* #12. Check For Unusual Log Entries
* #13. Check For Any Rootkit
* #14. Run An Anti-Virus Product On The Whole Disk To Check For Any Malware
Contents :
Tumblr
Telegram
Medium
Twitter
LinkedIn
Facebook
FOLLOW US:
THESECMASTER