07 Malware Threats: Virus & Worm Concepts
Given below are the different stages of a virus lifecycle: 1. Execution of the damage routine; 2. Incorporation; 3. Replication; 4. Design; 5. Launch; 6. Detection. What is the correct sequence of stages in the virus lifecycle? 5 -> 1 -> 3 -> 2 -> 6 -> 4; 3 -> 4 -> 6 -> 1 -> 5 -> 2; 4 -> 3 -> 5 -> 6 -> 2 -> 1; 1 -> 2 -> 3 -> 4 -> 5 -> 6
4 -> 3 -> 5 -> 6 -> 2 -> 1
Mark, a professional hacker, was hired to disrupt the operations of an organization. In this process, he injected a virus into the target network that is designed to confuse or trick deployed antivirus systems to prevent them from detecting the actual source of the infection. Which of the following types of viruses did Mark use on the target organization? Web scripting virus Logic bomb virus Add-on virus Armored virus
Armored virus
Which of the following is dangerous ransomware written in C that uses encryption keys such as RSA public and AES keys for initializing and implementing Salsa20 encryption on targeted files? KeyGrabber BackMatter RemoteExec Spytech SpyAgent
BackMatter
Identify the malware that allows attackers to crash targeted devices and running processes, applications, and VMs during their encryption process. Horse Pill BlackCat Necurs iSpy
BlackCat
Which of the following malware is a specially crafted ransomware comprising four encryption routines and supports several encryption algorithms such as ChaCha20 and AES? Spytech SpyAgent Mirai BlackCat IExpress Wizard
BlackCat
Which of the following viruses stores itself with the same filename as the target program file, infects the computer upon executing the file, and modifies hard-disk data? Logic bomb viruses Armored viruses Camouflage viruses File-extension viruses
Camouflage viruses
Which of the following types of viruses overwrites a part of the host file with a constant without increasing the length of the file and while preserving its functionality? Cavity viruses Polymorphic viruses Metamorphic viruses Sparse infector viruses
Cavity viruses
Which of the following ransomware is delivered when an attacker uses the RIG exploit kit by taking advantage of outdated versions of applications such as Flash, Java, Silverlight, and Internet Explorer? Cerber NamPoHyu cryptgh0st SamSam
Cerber
In which of the following stages of the virus lifecycle does a user install antivirus updates and eliminate the virus threats? Replication Detection Launch Execution of the damage routine
Execution of the damage routine
Which of the following characteristics of a worm makes it different from a virus? Infects a system by inserting itself into a file or executable program Infects a system by exploiting a vulnerability in an OS or application by replicating itself Alters the way a computer system operates without the knowledge or consent of the user Spreads at a uniform rate, as programmed
Infects a system by exploiting a vulnerability in an OS or application by replicating itself
Ben, a security professional in an organization, received several complaints about abnormal behavior in the network. Upon research, he found that some of the employees clicked on malicious attachments in their emails. In which of the following stages of the virus lifecycle is the virus activated when the user performs specific actions such as running an infected program? Incorporation Detection Execution of the damage routine Launch
Launch
Ben, a security professional in an organization, received several complaints about abnormal behavior in the network. Upon research, he found that some of the employees clicked on malicious attachments in their emails. In which of the following stages of the virus lifecycle is the virus activated when the user performs specific actions such as running an infected program? Detection Incorporation Launch Execution of the damage routine
Launch
Lee, a hacker, was hired to break into an organization's network and gather sensitive information. In this process, Lee installed a virus that will be triggered when a specific date/time is reached, using which he can gain remote access and retrieve sensitive information. Which of the following types of viruses did Lee use in the above scenario? Polymorphic virus Metamorphic virus Logic bomb virus File-extension virus
Logic bomb virus
Which of the following programs is usually targeted at Microsoft Office products? Multipart virus Macro virus Stealth virus Polymorphic virus
Macro virus
During malware reverse engineering and analysis, Sheena has identified the following characteristics present in the malware: self-replicating; reprograms itself; cannot be detected by antivirus; changes the malicious code with each infection. What is the type of malware identified by Sheena? Polymorphic virus Covert Channel Trojan Metamorphic virus Botnet Trojan
Metamorphic virus
Which of the following types of viruses is programmed in such a manner that they rewrite themselves completely each time they infect a new executable file? Metamorphic virus Encryption virus FAT virus Shell virus
Metamorphic virus
Which virus has the following characteristics: inserts dead code; reorders instructions; reshapes the expressions; modifies program control structure? Metamorphic virus Stealth virus Macro virus Cluster virus
Metamorphic virus
Rick, a hacker, infected a target system with malware that restricts access to the infected computer system or critical files and documents stored in it. He then demanded an online ransom payment to remove the user restrictions. Which of the following types of malware did Rick use to infect the target system? Virus Ransomware Computer worm Backdoor
Ransomware
Which of the following malware types restricts access to the computer system's files and folders and demands a payment to the malware creator(s) in order to remove the restrictions? Trojan horse Adware Ransomware Spyware
Ransomware
Which of the following viruses infects only occasionally upon satisfying certain conditions or when the length of the file falls within a narrow range? Sparse infector viruses Cluster viruses Stealth virus Encryption viruses
Sparse infector viruses
Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run? Stealth virus Metamorphic virus Polymorphic virus Cavity virus
Stealth virus
Which of the following types of viruses transfers all controls of the host code to where it resides in the memory, selects the target program to be modified, and corrupts it? Ransomware Armored virus Add-on virus Transient virus
Transient virus
Which of the following types of viruses hides itself from antivirus programs by actively altering and corrupting service call interrupts while running? System or boot-sector viruses Tunneling viruses File viruses Macro viruses
Tunneling viruses
Which of the following malware is a self-replicating program that produces its code by attaching copies of itself to other executable codes and operates without the knowledge of the user? Exploit kit Worm Virus Trojan
Virus