Reference Guide
Navigate the Dell Server
Total score
5: High Priority
Advanced Threat Prevention Classifications
Advanced Threat Prevention can provide details on the static and dynamic characteristics of files. This
allows administrators to not only block threats, but also to understand threat behavior to further mitigate
or respond to threats.
Type of Threat
Threats are classified by the type of threat - Malware, Dual Use, and Potentially Unwanted Program.
Malware
If the file is identified as a piece of malware, the file should be removed or quarantined as soon as
possible. Verified malware can be further subclassified as one of the following:
| Subclass | Definition | Examples |
|---|---|---|
| Backdoor | Malware that provides unauthorized access to a system, bypassing security measures. | Back Orifice, Eleanor |
| Bot | Malware that connects to a central Command and Control (C&C) botnet server. | QBot, Koobface |
| Downloader | Malware that downloads data to the host system. | Staged-Downloader |
| Dropper | Malware that installs other malware on a system. | |
| Exploit | Malware that attacks a specific vulnerability on the system. | |
| FakeAlert | Malware that masquerades as legitimate security software to trick the user into fixing fake security problems at a price. | Fake AV White Paper |
| Generic | Any malware that does not fit into an existing category. | |
| InfoStealer | Malware that records login credentials and/or other sensitive information. | Snifula |
| Ransom | Malware that restricts access to system or files and demands payment for removal of restriction, thereby holding the system for ransom. | CryptoLocker, CryptoWall |
| Remnant | Any file that has malware remnants post removal attempts. | |