Computer Virus Prevention Guidelines

Last amended in 2000.
Issued by MITI in 1990.
MITI was renamed to METI in 2001.

1. Purpose

These Guidelines summarize effective computer virus prevention measures, including detection, eradication, and recovery measures.

2. Definitions of Terms

The main technical terms used in these Guidelines are defined below.

(1) Computer virus (hereinafter simply called "virus")

A program that is intentionally designed to cause damage to a third party's programs or databases and has at least one of the following functions:

1) Self-replication

The program can replicate itself or use another system function to infect other systems by copying itself into other programs.

2) Latency

The appearance of symptoms of virus infection is delayed by having the system wait for a specific point in time, a specific period of time, or a specific number of transaction executions.

3) Destruction

The virus destroys programs, data, or other files or causes systems to operate in a way not intended by the designers.

(2) Software

Programs such as system programs, applications, and utilities.

(3) System

Hardware, software or a network, or a combination of them.

(4) Vaccine

Software that includes virus inspection, prevention, or recovery functions.

(5) Back up

To record the contents of a program or data onto another medium.

(6) File

A program or data recorded electronically or optically on a storage medium.

(7) Maintenance function

A function for keeping a system in its normal condition.

(8) Security function

A function for maintaining the security, integrity, and availability of programs and data.

3. Structure

These Guidelines consist of system user standards, system manager standards, software developer and vendor standards, computer network service standards, and system service standards. Their structures and contents are described below.

(1) System user standards (18 points)

These standards summarize the measures to be taken by users of a system (hereinafter called "system users").

1) Software management (2 points)

This section summarizes the measures to be taken when system users install software.

2) Operation management (12 points)

This section summarizes the measures to be taken when system users use their systems.

3) Post-detection actions (3 points)

This section summarizes the actions to be taken when system users find a virus.

4) Audit (1 point)

This section summarizes the items to be audited to ensure that virus prevention measures are taken properly.

(2) System management standards (31 points)

These standards summarize the measures to be taken by those who install, maintain, and manage systems (hereinafter called "system managers").

1) Computer management (8 points)

This section summarizes the measures to be taken when system managers install or update hardware and software.

2) Network management (5 points)

This section summarizes the measures to be taken when system managers install or update a network.

3) Operation management (9 points)

This section summarizes the measures to be taken when system managers maintain and manage systems.

4) Post-detection actions (6 points)

This section summarizes the actions to be taken when system managers find a virus or are notified of the detection of a virus by system users.

5) Education and enlightenment (2 points)

This section summarizes the anti-virus education and enlightenment to be conducted for system managers and system users.

6) Audit (1 point)

This section summarizes the items to be audited to ensure that virus prevention measures are taken properly.

(3) Software developer and vendor standards (21 points)

These standards summarize the measures to be taken by those who develop software or develop, manufacture, and ship software products (hereinafter called "software developers and vendors").

1) Development management (9 points)

This section summarizes the measures concerning the development of software and software products and the introduction, updating, and management of development environments.

2) Product management (3 points)

This section summarizes the measures to be taken in the manufacture and shipment of software products.

3) Post-detection actions (7 points)

This section summarizes the actions to be taken when software developers and vendors find a virus or are notified of the detection of a virus by users of products.

4) Education and enlightenment (1 point)

This section summarizes the anti-virus education and enlightenment to be conducted for software developers and vendors.

5) Audit (1 point)

This section summarizes the items to be audited to ensure that virus prevention measures are taken properly.

(4) Computer network service standards (15 points)

These standards summarize the measures to be taken by operators who provide information through personal computer communication and other networks (hereinafter called "network operators").

1) System management (2 points)

This section summarizes the measures to be taken in the installation and updating of systems used for network operations.

2) Operation management (4 points)

This section summarizes the measures to be taken in the maintenance and management of systems used for network operations.

3) Post-detection actions (6 points)

This section summarizes the actions to be taken when network operators find a virus or are notified of the detection of a virus by users of networks.

4) Education and enlightenment (2 points)

This section summarizes the anti-virus education and enlightenment to be conducted for network operators and network users.

5) Audit (1 point)

This section summarizes the items to be audited to ensure that virus prevention measures are taken properly.

(5) System service standards (19 points)

These standards summarize the measures to be taken by those who provide such services as system management, maintenance and rental (hereinafter called "system service operators").

1) System management (5 points)

This section summarizes the measures to be taken in the installation and updating of systems used for system services.

2) Operation management (6 points)

This section summarizes the measures to be taken in the maintenance and management of systems used for system services.

3) Post-detection actions (6 points)

This section summarizes the actions to be taken when system service operators find a virus or are notified of the detection of a virus by users of networks.

4) Education and enlightenment (1 point)

This section summarizes the anti-virus education and enlightenment to be conducted for system service operators.

5) Audit (1 point)

This section summarizes the items to be audited to ensure that virus prevention measures are taken properly.

4. System User Standards

a. Software management

(1) Obtain software whose sellers or distributors are clearly identified and whose update information is clear.

(2) Store original programs safely, such as by write-protecting the disks and making a backup copy of them.

b. Operation management

(1) Conduct a virus inspection before using files obtained from outside or file media shared with other users.

(2) When using a system, initialize it first in order to minimize the damage from possible virus infection.

(3) Pay attention to changes in system operation in order to detect virus infection quickly.

(4) Conduct virus inspections at regular intervals, using the latest vaccine, etc., in order to detect virus infection early.

(5) In order to prevent damage from virus infection that could result from unauthorized access, set passwords that cannot be guessed easily and keep them secret.

(6) In order to prevent damage from virus infection that could result from unauthorized access, change the passwords from time to time.

(7) In order to prevent damage from virus infection that could result from unauthorized access, do not share system user IDs.

(8) In order to prevent damage from virus infection that could result from unauthorized access, check the access history.

(9) In order to prevent damage from virus infection that could result from unauthorized access, strictly control files that store confidential information.

(10) Do not leave a system in a state in which it is waiting for input and can thus be used without authorization.

(11) Do not use any software of unknown origin, in order to prevent infection by a virus.

(12) To prepare for responses to possible infection by a virus, make backup copies of files regularly and keep them for a certain time.

c. Post-detection actions

(1) If a system is infected by a virus, stop using the infected system, report it to the system manager, and follow his/her instructions.

(2) In order to prevent the spread of damage from virus infection, follow the system manager's instructions for system recovery.

(3) In order to prevent the spread of damage from virus infection, destroy floppy disks, etc. that contain infected programs.

d. Audit

(1) In order to improve the effectiveness of virus prevention measures, obtain system audit reports on virus prevention measures and take any necessary steps.

5. System Manager Standards

a. Computer management

(1) In order to enforce virus prevention measures smoothly, make the computer management policy clear.

(2) In order to prevent infection by a virus, conduct a virus inspection whenever installing a device.

(3) In order to prevent infection by a virus, conduct a virus inspection whenever installing software onto a computer.

(4) In order to prepare for responses to damage from infection by a virus, preserve details of all the software installed on a system.

(5) Store original programs safely, such as by write-protecting disks and making a backup copy of them.

(6) In order to prevent damage from virus infection that could result from unauthorized access, minimize the number of system users and their authority to access the system.

(7) In order to prevent damage that could result from infection by a virus, stop system users from writing to the directories where shared programs are stored.

(8) In order to prevent damage that could result from infection by a virus, delete programs that are not necessary for system operation.

b. Network management

(1) In order to enforce virus prevention measures smoothly, make the computer management policy clear.

(2) In order to help identify the scope of damage from possible infection by a virus, record in advance and manage the installation conditions of devices connected to a network.

(3) In order to prepare for responses to damage from infection by a virus, establish an emergency reporting system and make it understood clearly and widely.

(4) In order to prevent damage from virus infection that could result from unauthorized access, ensure the security of network management information.

(5) In order to prevent damage from virus infection that could result from unauthorized access, ensure the security of the devices connected to an outside network.

c. Operation management

(1) Make clear how to manage important information concerning the system.

(2) In order to protect important system information from unauthorized access, use the security function of the system.

(3) Avoid setting easy passwords, so that the passwords will not be guessed easily.

(4) In order to prepare against damage from infection by a virus, back up the system in use regularly and keep it for a specific time.

(5) In order to prevent damage that could result from infection by a virus, limit the services that can be used anonymously.

(6) In order to detect any unauthorized access, analyze the access history regularly.

(7) For early detection of possible infection by a virus, monitor the operation of the system.

(8) For early detection of possible infection by a virus, conduct virus inspections at regular intervals, using the latest vaccine, etc.

(9) If any system trouble is found, identify the cause promptly.

d. Post-detection actions

(1) In order to prevent any spread of damage from virus infection, stop using the infected system.

(2) In order to prevent any spread of damage from virus infection, promptly convey the necessary information to system users.

(3) In order to understand the damage from infection by the virus, endeavor to identify the kind of virus and the scope of infection.

(4) Work on the recovery of the infected development system by establishing safe recovery procedures.

(5) In order to prevent any recurrence of damage from virus infection, analyze the cause and implement preventive measures.

(6) In order to prevent the spread and recurrence of damage from infection by the virus, report the necessary information to the person specified separately by the Minister of International Trade and Industry.

e. Education and enlightenment

(1) In order to improve the level of virus prevention measures, collect and thoroughly disseminate virus-related information.

(2) Educate and enlighten system users on security measures and virus prevention measures.

f. Audit

(1) In order to improve the effectiveness of virus prevention measures, obtain system audit reports on virus prevention measures and take any necessary steps.

6. Software Developer and Vendor Standards

a. Development management

(1) Make clear how to manage development tools in order to prevent a virus from infecting a development system through development tools.

(2) Manage passwords strictly in order to prevent their leakage.

(3) Manage the development system strictly in order to prevent damage from infection by a virus that could result from unauthorized use of the system.

(4) In order to prevent damage from infection by a virus that could result from unauthorized access to the system, apply tight security to access to a development system via networks etc.

(5) In order to prevent damage from infection by a virus that could result from unauthorized access to the system, minimize the developers' authority to access the system.

(6) Clearly identify the developers and testers of a program being developed as well as the persons in charge, and manage the program strictly.

(7) To prepare for responses to possible damage from infection by a virus, make and keep a backup copy of the program being developed.

(8) In order to prevent unauthorized use, be sure to remove debugging functions from a program when development has finished.

(9) For early detection of possible infection by a virus, conduct virus inspections at regular intervals, using the latest vaccine, etc.

b. Product management

(1) In order to prevent a product from being infected by a virus in the manufacturing process, copy it using a specialized system or device.

(2) In order to prevent infection by a virus, place the original of each product under strict management.

(3) In order to prevent a product from being infected by a virus in the distribution stage, take such measures as write-protecting disks and sealing packaging.

c. Post-detection actions

(1) If any product infected by a virus is found, stop distribution, notify the users of the product, and recall the product.

(2) In order to prevent the spread of infection by the virus, stop using the infected development system.

(3) In order to prevent the spread of infection by the virus, promptly convey the necessary information to all the software developers and vendors concerned.

(4) In order to understand the damage from infection by the virus, endeavor to identify the kind of virus and the scope of infection.

(5) Work on the recovery of the infected development system by establishing safe recovery procedures.

(6) In order to prevent any recurrence of damage from virus infection, analyze the cause and implement preventive measures.

(7) In order to prevent the spread and recurrence of damage from infection by the virus, report the necessary information to the person specified separately by the Minister of International Trade and Industry.

d. Education and enlightenment

(1) In order to improve the level of virus prevention measures, collect and thoroughly disseminate virus-related information.

e. Audit

(1) In order to improve the effectiveness of virus prevention measures, obtain system audit reports on virus prevention measures and take any necessary steps.

7. Computer Network Service Standards

a. System management

(1) In order to help identify the scope of damage from possible infection by a virus, record in advance and manage the system setting used for the network service.

(2) In order to prepare for responses to damage from infection by a virus, establish an emergency reporting system and make it understood clearly and widely.

b. Operation management

(1) In order to prevent damage from infection by a virus that could result from unauthorized access, limit the network users' access authority to the minimum necessary.

(2) In order to prevent any damage that could result from infection by a virus, conduct a virus inspection, using the latest vaccine etc., before releasing a file for public use.

(3) In order to prevent damage from infection by a virus that could result from unauthorized access, strictly manage network management information such as passwords.

(4) In order to prepare for responses to damage from infection by a virus, always record the history of use and keep the record for a specified period.

c. Post-detection actions

(1) In order to prevent the spread of infection by the virus, stop distribution of infected files.

(2) In order to prevent the spread of infection by the virus, promptly inform the network users and the network service operators.

(3) In order to understand the damage from infection by the virus, endeavor to identify the kind of virus and the scope of infection.

(4) Establish safe recovery procedures and inform the network users.

(5) In order to prevent any recurrence of damage from virus infection, analyze the cause and implement preventive measures.

(6) In order to prevent the spread and recurrence of damage from infection by the virus, report the necessary information to the person specified separately by the Minister of International Trade and Industry.

d. Education and enlightenment

(1) In order to improve the level of virus prevention measures, collect and thoroughly disseminate virus-related information.

(2) Educate and enlighten network users on security measures and virus prevention measures.

e. Audit

(1) In order to improve the effectiveness of virus prevention measures, obtain system audit reports on virus prevention measures and take any necessary steps.

8. System Service Standards

a. System management

(1) Use software whose sellers or distributors are clearly identified and whose update information is clear.

(2) In order to prevent unauthorized use, strictly manage any software that contains a maintenance function and strictly manage its information.

(3) Store original programs safely, such as by write-protecting disks and making a backup copy.

(4) Prepare the disks to be used for the service from original programs by using initialized disks.

(5) In order to prepare for responses to damage from infection by a virus, preserve the information on the structure of all the disks used for the service.

b. Operation management

(1) In order to prepare for responses to damage from possible infection by a virus, clearly explain how to manage the systems used for the service.

(2) In order to prevent infection by a virus, inspect the systems to be used for the service for viruses in advance by using the latest vaccine etc.

(3) In order to prepare for responses to damage from possible infection by a virus, keep the history of virus inspection and other system trouble for a specified period.

(4) In order to prevent infection by a virus, do not use any system for the service after it has been used for another service.

(5) In order to prevent damage from possible infection by a virus, disconnect any devices that are not necessary for the service.

(6) Write-protect the disks used for the service in order to prevent them from being infected by a virus.

c. Post-detection actions

(1) In order to prevent the spread of infection by the virus, stop using the infected system for the service.

(2) In order to prevent the spread of infection by the virus, promptly convey the necessary information to the users receiving the service.

(3) In order to understand the damage from infection by the virus, endeavor to identify the kind of the virus and the scope of infection.

(4) Work on the recovery of the infected system used for the service by establishing safe recovery procedures.

(5) In order to prevent any recurrence of infection, analyze the cause and implement preventive measures.

(6) In order to prevent the spread and recurrence of damage from infection by the virus, report the necessary information to the person specified separately by the Minister of International Trade and Industry.

d. Education and enlightenment

(1) In order to improve the level of virus prevention measures, collect and thoroughly disseminate virus-related information.

e. Audit

(1) In order to improve the effectiveness of virus prevention measures, obtain system audit reports on virus prevention measures and take any necessary steps.

9. Notes

(1) Use these standards according to actual existing conditions such as the kinds of computer, system setup, and software.

(2) Standards for software developers and vendors, computer network services, and system services are established from the viewpoints of the respective operators. Accordingly, use the standards for system managers when installing systems to be used for respective business operations.

(3) For safety measures for systems themselves, use the "Information System Safety Measures Standards."

(4) To implement a system audit, use the "System Audit Standards."

(5) Although these standards are primarily intended to be used by businesses and other organizations, they can also be used by individual users.