Please log in or register to answer this question.

1 Answer

0 votes
Testing Ransomware
  • The features to be considered when testing the ability of a security solution to detect ransomware:

    • At what point the ransomware is detected? (pre-execution or post-execution)

    • What kind of damage the ransomware was able to inflict before it was detected?

  • To evaluate the impact of a file encryptor ransomware sample, a realistic file system (preferably with a large volume of files in every directory) is required before starting the testing phase.

    • For example, the file system could include a documents folder, a pictures folder, and so on (files can be duplicated and renamed for the purpose).

    • This will facilitate the evaluation of:

      • The ability of the security solution/product to roll back the effects of the attack.
  • It is safest to test ransomware by using the "one at a time" method.

Related questions

0 votes
asked Feb 20 in Technology by JackTerrance
0 votes
asked Jul 11, 2021 in Technology by JackTerrance
0 votes
asked Jul 10, 2021 in Technology by JackTerrance