Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

FAQ

 

This page is intended to answer the Frequently Asked Questions (FAQs) about Sri Lanka CERT|CC and will be updated periodically. Additional questions and your suggestions are welcome. Please E-mail them to cert@cert.gov.lk

 


Section 1 - General Information


Q: What is an incident?
A computer security incident is any event which may cause harm to your computer system or network.


Q: What are the most common incidents?
• Unauthorized access
• Denial of service/disruption
• Site defacing
• Phishing (See Glossary)
• Virus attacks


Q: Are there any basic rules/steps for making my computer safe?
There are certain steps you can take to make your home computer less vulnerable. Please read the article in our knowledgebase-Security for Home Computers.


Q: How can I trust a download?
Most trusted sources which provide downloadable files to their customers ensure that the transferred file has arrived intact, by providing a pre-computed hash value (e.g. MD5, SHA-1) for the file, so that a user can compare the checksum of the downloaded file to it.


Q: Can I get a virus on my mobile phone or PDA?
Yes. There are mobile phone viruses specifically adapted for the cellular environment and designed to spread from one vulnerable phone to another.
Attacking a PDA is not as easy as attacking a PC. Because the operating system is in ROM.The art of exploiting PDAs is relatively new. PDAs running Windows have been compromised, using Cabinet files and the Auto run feature of removable media cards to introduce malicious programs. Pocket Internet Explorer can be used to trick users into revealing personal information. Additionally, Soft Input Panel (SIP) that substitutes for a hardware keyboard on Pocket PCs can easily be replaced by a seemingly identical program that logs keystrokes.


Q: What is spam, and how can I prevent it?
Spam is unsolicited e-mail that crowds inboxes with unwanted and objectionable materials. Spam can hinder e-mail communication by making valid e-mail messages difficult to identify.
Deploy a spam filter for your email client or inform your email service provider to filter your emails for spasm at the server end.


Q: My PC seems sluggish. What could be wrong?
Sometimes you may feel that your computer is not as quick as it used to be, things take forever or funny messages pop up etc. A few basic checks will help you to recover from it by your self before you call for assistance from a computer expert.
i. Check the available memory. For example, If you are running Windows XP with 128 MB of memory or less, you are asking for trouble.
ii. Various applications and web sites continually create “temporary” files on your PC but fail to delete them. You can use “Disk clean up” function to clear many of them in Windows.
iii. The Registry is the “heart” of your operating system; it continually gets “clogged” with outdated entries left there by careless applications; incomplete uninstall procedures, etc. Acquire a quality registry cleaner and run it periodically (Take a Restore Point before using it).
iv. Run a full virus scan periodically to make sure nothing has “sneaked through”. Set your virus scanner for automatic updates (if supported).
v. Run Defragmentation periodically, especially if your hard drive is crowded (not as critical as sometimes portrayed on very large drives with lots of free space).


Q: Why should I bother about computer security now?
Computer security is required because most organizations can be damaged by hostile software or intruders. There may be several forms of damage which are obviously interrelated. These include:
• Damage or destruction of computer systems.
• Damage or destruction of internal data.
• Loss of sensitive information to hostile parties.
• Use of sensitive information to steal items of monetary value.
• Use of sensitive information against the organization's customers which may result in legal action by customers against the organization and loss of customers.
• Damage to the reputation of an organization.
• Monetary damage due to loss of sensitive information, destruction of data, hostile use of sensitive data, or damage to the organization's reputation.

 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.