Ex. 19 Describe the categories of resident viruses.
Ex. 20 Explain the difference between nonresident and resident viruses.
Ex. 21 Prove the harmful actions of viruses on computers work.
Ex. 22 Discuss the text according to the points:
1. The definition of nonresident viruses.
2. The resident viruses.
3. The categories of resident viruses: fast infectors and slow infectors.
Unit 5
Anti-virus software
I. Vocabulary
Ex. 1 Read and memorize the following words, words combinations and word-groups:
to identify - визначати
remove - видаляти
rootkit – модуль ядра
removable drive – драйвер, що може бути видаленим
database – шина дана
signature based detection – визначення ,що базується на сигнатурах
malicious activity detection – визначення аномалій
heuristic-based detection – визначення основ на емуляції
II. Reading and comprehension
Ex. 2 Read and translate the text
1.Antivirus software (or anti-virus) is computer software used to identify and remove computer viruses, as well as many other types of harmful computer software. While the first antivirus software was designed exclusively to combat computer viruses modern antivirus software can protect computer systems against a wide range of malware, including worms, phishing attacks, rootkits, and Trojans.
2. Many users install anti-virus software that can detect known viruses after the computer downloads or runs the executable. There are two common methods that an anti-virus software application uses to detect viruses. The first, and by far the most common method of virus detection is using a list of virus signature definitions. This works by examining the content of the computer's memory and the files stored on fixed or removable drives (hard drives, floppy drives), and comparing those files against a database of known virus "signatures". The disadvantage of this detection method is that users are only protected from viruses that pre-date their last virus definition update. The second method is to use a heuristic algorithm to find viruses based on common behaviors. This method has the ability to detect viruses that anti-virus security firms have yet to create a signature for.
3. Some anti-virus programs are able to scan opened files in addition to sent and received e-mails 'on the fly' in a similar manner. This practice is known as "on-access scanning." Anti-virus software does not change the underlying capability of host software to transmit viruses. Users must update their software regularly to patch security holes. Anti-virus software also needs to be regularly updated in order to prevent the latest threats.
4. Once a computer has been compromised by a virus, it is usually unsafe to continue using the same computer without completely reinstalling the operating system. However, there are a number of recovery options that exist after a computer has a virus. These actions depend on the type of virus.
5. There are several methods which antivirus software can use to identify malware. Depending on the software, more than one method may be used.
6. Signature based detection. Antivirus software compares the contents of a file to a dictionary of virus signatures. Because viruses can embed themselves in existing files, the entire file is searched, not just as a whole, but also in pieces.
7. Malicious activity detection. Antivirus software monitors the system for suspicious program behavior. If suspicious behavior is detected, the suspect program may be further investigated, using signature based detection or another method listed in this section. This type of detection can be used to identify unknown viruses.
8. Heuristic-based detection is used by more advanced antivirus software. Like malicious activity detection, heuristics can be used to identify unknown viruses. This can be accomplished in one of two ways; file analysis and file emulation. File analysis is the process of searching a suspect file for virus-like instructions. File emulation involves executing a program in a virtual environment and logging what actions the program performs.
Ex. 3 Find in the text where it is said about the points given below. Put down the number of the paragraph
1. Two methods to detect viruses
2. Malicious activity detection
3. The definition of antivirus software
4. Signature based detection
5. The practice which is known as “on-access scanning”
Ex. 4 Find the antonyms to the following words in the text:
1. virus (1)
2. remove (2)
3. sent(3)
4. seldom (3)
5. fixed drives (2)
6. whole(6)
7. known (7)
8. advantages(2)
Ex. 5. Find the terms in the text which describe the following. Put down the number of the paragraph :
a. to succeed in doing sth. difficult that you planned to do.
b. to stop smth. happening or to stop sb. doing sth.
c. to try to do sth. as well as, or better than somebody
d. the program and other operating information used by a computer
e. discovering sth that is difficult to see, feel
Ex. 6 Say if the following statements are true or false:
1. Antivirus software (or anti-virus) is computer software used to identify and remove computer viruses.
2. The advantage of this detection method is that users are only protected from viruses that pre-date their last virus definition update.
3. Some anti-virus programs are not able to scan opened files in addition to sent and received e-mails 'on the fly' in a similar manner.
4. Anti-virus software changes the underlying capability of host software to transmit viruses.
5. Once a computer has been compromised by a virus, it is usually unsafe to continue using the same computer without completely reinstalling the operating system.
6. There are several methods which antivirus software can not use to identify malware.
7. This type of detection can be used to identify unknown viruses.