6.3.1.5. Disable Windows AutoPlay Feature.
6.3.1 Proceed to Containment Phase
6.3.1.5. Disable Windows AutoPlay Feature.
6.3.1.5.1. Via GPO
6.3.1.5.2. Via Registry
6.3.1.5.3. Via SEP Application Control Policy
6.3.1.1. VLAN Containment to monitored route.
6.3.1.10. Move the infected clients to a "quarantine" client group.
6.3.1.2. Gateway Firewall Rules and ACL restrictions
6.3.1.3. Endpoint Protection Policy Modification
6.3.1.4. Close any open shares
6.3.1.6. Restrict the use of writable USB drives
6.3.1.7. Restrict the writing of .lnk files to USB and
6.3.1.8. Restrict the writing of autorun.inf files to USB and
6.3.1.9. Create custom firewall rules to prevent the threat from
Sep 21, 2010 9:15 AM
By
Efrain Ortiz