This topic provides answers to some frequently asked questions about the Overview page of the Security Center console.

How do I view the version of the virus library?

The update time of the virus library displayed in the Security Center console indicates the version of the virus library. In the Security defense section on the Overview tab, you can view the update time of the virus library in the right side of Anti-Virus Version. The Security Center server dynamically updates the characteristics of viruses and the virus library based on the analysis results of some engines. The engines include lexical analysis engines, virus detection engines, machine learning and deep learning engines, big data-based threat detection engines, threat intelligence engines, and abnormal behavior analysis engines. We recommend that you use Security Center to detect vulnerabilities and viruses on a regular basis to protect your servers from the latest viruses. For more information, see Quick scan and Scan for viruses.

Anti-Virus Version

After I install the Security Center agent on my ECS instances, will the virus library of Security Center be installed on the instances?

No,

after you install the Security Center agent on Elastic Compute Service (ECS) instances, Security Center does not install the virus library on your instances or download the virus library to your instances. The virus library is stored on and is updated by the Security Center server. The Security Center server updates the virus library in real time. Security Center checks whether your servers are exposed to viruses based on the virus library.

What are the priorities to handle security events that you can access from the Secure Score section?

The following table describes the priorities to handle security events that you can access from the Security Score section. A smaller number indicates a higher priority. The number 1 indicates the highest priority.
Priority Event handling
1 Configure or enable core features.
  • Enable web tamper proofing.
  • Configure rules to protect against brute-force attacks.
  • Authorize quick installation of the Security Center agent.
  • Grant Security Center the permissions to run configuration checks on cloud services.
  • Enable log analysis.
  • Enable the antivirus feature.
  • Create an anti-ransomware policy.
  • Enable periodic virus detection.
  • Specify the container images that are allowed to be scanned.
  • Enable Kubernetes threat detection.
2 Handle AccessKey pair leaks.
3 Handle configuration risks in cloud services.
4 Handle baseline risks.
5 Handle security alerts.
6 Fix vulnerabilities.

The deduction items in the Enterprise and Ultimate editions are different from those in the Basic, Anti-virus, and Advanced editions. What are the differences?

The Basic, Anti-virus, and Advanced editions of Security Center do not support the attack analysis feature. Therefore, this feature is not covered in the scope of security score. For more information about deduction items, see Deduction items.

How do I enable the feature of brute-force attacks protection?

The feature of brute-force attacks protection blocks malicious IP addresses that attempt to log on to your servers. This improves the security score of your assets. We recommend that you enable this feature. For more information, see FAQ.

How do I handle common alerts?

Security Center allows you to handle alerts detected on your assets. This way, you can reinforce your asset security and improve the security score. For more information, see FAQ.

How does the vulnerability scan level affect the security score?

If you focus only on high- and medium-level vulnerabilities and ignore low-level vulnerabilities, you can exclude the low-level vulnerabilities from the scope of the security score. To exclude low-level vulnerabilities from the scope of the security score, click Settings in the upper-right corner of the Vulnerabilities page in the Security Center console. In the panel that appears, select High and Medium in the Vul scan level section. Then, Security Center detects only high- and medium-level vulnerabilities. Settings panel

How does the baseline check level affect the security score?

If you focus only on high- and medium-level baseline checks and ignore low-level baseline checks, you can exclude the low-level baseline checks from the scope of security score. To exclude low-level baseline checks from the scope of the security score, choose Baseline Check > Manage Policies in the Security Center console, and select High and Medium in the Baseline level section. Then, Security Center runs only high- and medium-level baseline checks. Manage Policies panel