Library - FAQ

This page is intended to answer the Frequently Asked Questions (FAQs) about Sri Lanka CERT|CC and will be updated periodically. Additional questions and your suggestions are welcome. Please e-mail them to slcert@cert.gov.lk.

Section 1 - About Sri Lanka CERT|CC

Q: What is Sri Lanka CERT|CC?
Sri Lanka Computer Emergency Readiness Team | Coordination Centre (Sri Lanka CERT) is the single trusted source of advice about the latest threats and vulnerabilities affecting computer systems and networks, and a source of expertise to assist the nation and member organizations in responding to and recovering from cyber attacks. It was set up in June 2006, in collaboration with the Information and Communication Technology Agency (ICTA) of Sri Lanka.

Q: Who runs Sri Lanka CERT|CC?
Sri Lanka CERT|CC is wholly owned by the Government of Sri Lanka, and its subscribers are the ICT Agency of Sri Lanka (ICTA) and the Secretary to the President.

Q: How can I contact Sri Lanka CERT|CC?
Room 2-119A, BMICH, Bauddhaloka Mawatha,
Colombo 07, Sri Lanka
Telephone: +94 11 2691 692; +94 11 2679 064
Fax: +94 11 2691 064
Email: slcert@cert.gov.lk
Website: www.cert.gov.lk

Section 2 - Sri Lanka CERT|CC Services

Q: What are the services provided by Sri Lanka CERT|CC?
Sri Lanka CERT|CC provides three types of services to its constituency: responsive services, awareness services and consultancy services. The responsive services include incident handling and digital forensics, while awareness services include the provision of a technology watch, providing virus alerts, conducting seminars & workshops and providing a knowledgebase on our website. Services such as technical audits, penetration testing, disaster recovery and business continuity planning, and advisory for national security policy development are covered in our consultancy services.

Q: How can I report an incident?
Sri Lanka CERT|CC provides several channels to report an incident. You may fill in the incident reporting form on our website, contact us by telephone, send us a fax or email us with the details of your incident.

Q: As a constituent what are the free services I am entitled to?
Responsive services (Remote support only):
• Incident Handling
Awareness services (From our website & public media only):
• Technology watch
• Alerts
• Knowledgebase

Q: How will Sri Lanka CERT|CC raise awareness of a major incident?
Sri Lanka CERT|CC will disseminate information about the incident and the precautions that need to be taken, through all publicly accessible media. In addition, members will be entitled to receive.

Section 3 - General Information

Q: What is an incident?
A computer security incident is any event which may cause harm to your computer system or network.

Q: What are the most common incidents?
• Unauthorized access
• Denial of service/disruption
• Site defacing
• Phishing (See Glossary)
• Virus attacks

Q: Are there any basic rules/steps for making my computer safe?
There are certain steps you can take to make your home computer less vulnerable. Please read the article in our knowledgebase, "Security for Home Computers".

Q: How can I trust a download?
Most trusted sources which provide downloadable files to their customers ensure that the transferred file has arrived intact, by providing a pre-computed hash value (e.g. MD5, SHA-1) for the file, so that a user can compare the checksum of the downloaded file to it.
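
The check described above, as an added example (not Sri Lanka CERT|CC's own code): it hashes the downloaded file and compares the result with the published value, inferring the algorithm from the digest length. The file name and contents are constructed sample data, and SHA-256 support goes beyond the two algorithms the answer names.

```python
import hashlib
import hmac
import os
import tempfile

# Hex digest length -> algorithm, used to infer which hash the publisher used.
ALGO_BY_HEX_LEN = {32: "md5", 40: "sha1", 64: "sha256"}


def parse_published(line):
    """Accept a bare hex digest or a '<digest>  <filename>' checksum line."""
    parts = line.split()
    if not parts:
        raise ValueError("empty checksum line")
    digest = parts[0].lower()
    if len(digest) not in ALGO_BY_HEX_LEN or set(digest) - set("0123456789abcdef"):
        raise ValueError("not an MD5, SHA-1 or SHA-256 hex digest")
    return ALGO_BY_HEX_LEN[len(digest)], digest


def file_digest(path, algo, chunk_size=1 << 20):
    """Hash the file in chunks so large downloads are not read into memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, published_line):
    """Return True only if the file's digest equals the published one."""
    algo, expected = parse_published(published_line)
    return hmac.compare_digest(file_digest(path, algo), expected)


def demo():
    # Constructed sample: a tiny stand-in "download" and its published SHA-1 line.
    published = "a9993e364706816aba3e25717850c26c9cd0d89d  sample.bin"
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "sample.bin")
        with open(path, "wb") as f:
            f.write(b"abc")
        intact = verify_download(path, published)
        with open(path, "ab") as f:
            f.write(b"!")  # simulate corruption in transit
        corrupted = verify_download(path, published)
    return intact, corrupted


if __name__ == "__main__":
    print(demo())
```

The published value must come from the trusted source itself; a checksum fetched from the same place as an altered file confirms nothing.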

Q: Can I get a virus on my mobile phone or PDA?
Yes. There are mobile phone viruses specifically adapted for the cellular environment and designed to spread from one vulnerable phone to another.
Attacking a PDA is not as easy as attacking a PC, because the operating system is in ROM. The art of exploiting PDAs is relatively new. PDAs running Windows have been compromised using Cabinet files and the Auto run feature of removable media cards to introduce malicious programs. Pocket Internet Explorer can be used to trick users into revealing personal information. Additionally, the Soft Input Panel (SIP) that substitutes for a hardware keyboard on Pocket PCs can easily be replaced by a seemingly identical program that logs keystrokes.

Q: What is spam, and how can I prevent it?
Spam is unsolicited e-mail that crowds inboxes with unwanted and objectionable materials. Spam can hinder e-mail communication by making valid e-mail messages difficult to identify.
Deploy a spam filter for your email client or ask your email service provider to filter your emails for spam at the server end.

Q: My PC seems sluggish. What could be wrong?
Sometimes you may feel that your computer is not as quick as it used to be: things take forever, funny messages pop up, etc. A few basic checks will help you to recover from it by yourself before you call for assistance from a computer expert.
i. Check the available memory. For example, if you are running Windows XP with 128 MB of memory or less, you are asking for trouble.
ii. Various applications and web sites continually create “temporary” files on your PC but fail to delete them. You can use the “Disk clean up” function to clear many of them in Windows.
iii. The Registry is the “heart” of your operating system; it continually gets “clogged” with outdated entries left there by careless applications, incomplete uninstall procedures, etc. Acquire a quality registry cleaner and run it periodically (Take a Restore Point before using it).
iv. Run a full virus scan periodically to make sure nothing has “sneaked through”. Set your virus scanner for automatic updates (if supported).
v. Run Defragmentation periodically, especially if your hard drive is crowded (not as critical as sometimes portrayed on very large drives with lots of free space).

Q: Why should I bother about computer security now?
Computer security is required because most organizations can be damaged by hostile software or intruders. There may be several forms of damage which are obviously interrelated. These include:
• Damage or destruction of computer systems.
• Damage or destruction of internal data.
• Loss of sensitive information to hostile parties.
• Use of sensitive information to steal items of monetary value.
• Use of sensitive information against the organization's customers which may result in legal action by customers against the organization and loss of customers.
• Damage to the reputation of an organization.
• Monetary damage due to loss of sensitive information, destruction of data, hostile use of sensitive data, or damage to the organization's reputation.