6.3.1.10. Move the infected clients to a "quarantine" client group.
6.3.1 Proceed to Containment Phase
6.3.1.10. Move the infected clients to a "quarantine" client group.
6.3.1.1. VLAN Containment to monitored route.
6.3.1.2. Gateway Firewall Rules and ACL restrictions
6.3.1.3. Endpoint Protection Policy Modification
6.3.1.4. Close any open shares
6.3.1.5. Disable Windows AutoPlay Feature.
6.3.1.6. Restrict the use of writable USB drives
6.3.1.7. Restrict the writing of .lnk files to USB and
6.3.1.8. Restrict the writing of autorun.inf files to USB and
6.3.1.9. Create custom firewall rules to prevent the threat from
Sep 21, 2010 9:15 AM
By
Efrain Ortiz