After seeing my result assessment I was actually surprise from my results. My personal computer (PC) actually received “severe risk” and “blank or weak password” which it actually makes sense because everyone in the house uses the computer; I decide to use because my brand new laptop will not giving the results I’m looking for. In addition, the house PC does not have a password except on my parent’s accounts so I was bound to receive a red flag for bad security practice. After doing assessment I actually suggest we all open our own accounts and create passwords on it. Not having password on this computer is actually a bad idea because anybody can have access to personal family information. I’ve decided to make my password a bit challenging with special characters so that it’s not easy to be compromised. For a personal example, this makes a lot of sense why my job have a mandatory policy of changing their computer password every 60 days that is follow by the employees. This is a rule I will try and incorporate on my PC and laptop to help provide a better security. 2. What does MBSA do to check for weak local account passwords? From my pass experience with password cracking with brute force and dictionary attack, I believe MBSA used dictionary attack to figure out how challenging my password it. This part of this assessment took a little while to run because MSBA was running a test of different words in the dictionary. b. Why is it important to have a strong password on local user accounts especially in a corporate environment? The reason why it’s important to have a strong password on a local user accounts especially in a corporate environment is because of the sensitive information that an organization may deal with. Having a weak password makes it easy for hackers to crack your password and compromise the whole corporate information and network. Having a combination of special character, numbers, and letters makes it difficult for unauthorized users to gain access to unauthorized network. c. Explain why it is important to have a password expiration policy set. It’s very important to have a password expiration policy set because it force user to keep changing their password. This makes it difficult for user to gain access to information. However, one thing do like about password expiration policy is that if a hacker by any chance happen to crack down your password the hacker will have to figure it out again depending on how frequently the user will have to change their password. 3. Malware can affect a computer in multiple ways. Having automatic updates turned off, not allowing Windows to update, and disabling the Windows firewall and setting exceptions in the Windows firewall are all tell-tale signs of this. Explain a. how malware is able to accomplish this, and b. also what type of malware could be used. Please be as specific and fact-based as possible regarding types …show more content…
Destructive malware will utilize popular communication tools to spread, including worms sent through email and instant messages, Trojan horses dropped from web sites, and virus-infected files downloaded from peer-to-peer connections. Malware will also seek to exploit existing vulnerabilities on systems making their entry quiet and easy (Malware). Malware is able to accomplish this by its works to remain unnoticed, either by actively hiding or by simply not making its presence on a system known to the user. The type of malware that could be used is a Rootkit Malware. A rootkit is a type of software designed to hide the fact that an operating system has been compromised, sometimes by replacing vital executable. Rootkits allow viruses and malware to “hide in plain sight” by disguising as necessary files that your antivirus software will overlook (What is a Rootkit Virus?). Owners are able to implement files, monitor what’s being down on the computer and change the systems on the