TRB-4: PC Security Symptoms
Status: not started
Domain:
- 3.0 Software Troubleshooting
Objective alignment:
- 3.4 Troubleshoot common PC security issues
What You Need To Know
Security troubleshooting questions often describe symptoms instead of naming malware.
PC symptoms:
- Cannot access the network
- Desktop alerts
- Fake antivirus warnings
- Files are altered, missing, renamed, or inaccessible
- Unwanted OS notifications
- OS update failures
Browser symptoms:
- Frequent pop-ups
- Certificate warnings
- Redirection
- Degraded browser performance
Memory Trick
Use FAN-B:
- Files changed
- Alerts are fake
- Network blocked
- Browser redirects
Shortcut:
- Fake alerts plus changed files or redirects: assume compromise until verified.
Common Causes
Malware:
- Fake antivirus
- Ransomware
- Spyware
- Adware
- Browser hijackers
Misconfiguration:
- Bad proxy setting
- Wrong DNS setting
- Expired certificate or wrong system time
- Firewall or security tool blocking traffic
Compromised account:
- Unexpected sync changes
- Unauthorized browser extensions
- New login alerts
Response Flow
- Identify symptoms.
- Disconnect from the network if active compromise is suspected.
- Preserve evidence when policy requires it.
- Run trusted security tools.
- Remove or quarantine threats.
- Update OS, browser, and security software.
- Change passwords from a known-clean device if credentials may be compromised.
- Document findings and actions.
Exam Clues
- Pop-ups and redirects point to adware or browser hijacking.
- Inaccessible renamed files point to ransomware.
- Certificate warnings can result from malicious activity, misconfiguration, or wrong system time.
- OS update failure may be caused by malware, corruption, or network problems.