Table 5-1
A model virus outbreak plan
Task
Respond to unknown viruses.
Understand security solutions.
Have a backup plan.
Responding to virus outbreaks
Preparing for a virus outbreak
Description
If you cannot identify a suspicious file as a virus by
examining the logs, and the latest virus definitions
files do not clean the file, go to http://
securityresponse.symantec.com and look at the
Latest Virus Threats and Security Advisories areas
for news.
In addition to understanding your network topology,
you need to understand your implementation of
Symantec AntiVirus as well as the implementation of
any other security products that are used on your
network.
Consider the following questions:
What security programs are protecting network
■
servers and workstations?
What is the schedule for updating virus
■
definitions?
What alternative methods of obtaining updates
■
are available if the normal channels are under
attack?
What log files are available for tracking viruses
■
on your network?
In the event of a catastrophic virus infection, you
may need to restore servers and clients to be sure that
your network has not been compromised. Having a
backup plan in place to restore critical computers is
essential.
173