6) Malicious Software

Logic Bomb

Which of the following malware types is MOST likely to execute its payload after an employee has left the company?

Mobile

__________ code refers to programs that can be shipped unchanged to a heterogeneous collection of platforms and execute with identical semantics.

Ransomware

__________ is malware that encrypts the user's data and demands payment in order to access the key needed to recover the information.

bot

a program that performs a repetitive task on a network

Zombie

a program that secretly takes over another computer for the purpose of launching attacks on other computers

Worm

a software program capable of reproducing itself that can spread from one computer to the next over a network.

parasitic virus

attaches to programs and executable files/installs itself into memory

Botnets

Which of the following malware types is MOST commonly associated with command and control?

Three locations for malware detection mechanisms

1. 2. 3.

Four Categories of Malware Payloads

1. corruption of system or data files
2. theft of service in order to make the system a zombie agent of attack as part of a botnet
3. theft of information from the system, such as logins, passwords and personal details
4. stealthing, where the malware hides its own presence on the system

Three broad mechanisms malware uses to propagate (3)

1. infection of existing executable or interpreted content by viruses that is subsequently spread to other systems
2. exploit of software vulnerabilities, either locally or over a network, by worms or drive-by-downloads to allow the malware to replicate
3. social engineering attacks that convince users to bypass security mechanisms to install trojans, or to respond to phishing attacks

Logic Bomb

A __________ is code inserted into malware that lies dormant until a predefined condition, which triggers an unauthorized act, is met

drive by download

A __________ is when a user views a Web page controlled by the attacker that contains code that exploits a browser bug and downloads and installs malware on the system without the user's knowledge or consent.

Blended Attack

A _________________ uses multiple methods of infection or propagation to maximize the speed of contagion and the severity of the attack.

Trojan Horse

A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.

Watering Hole Attack

A malicious attack that is directed toward a small group of specific individuals who visit the same website.

spear-phishing

A phishing attack that targets only specific users.

Rootkits

A set of software tools used by an intruder to break into a computer, obtain special privileges to perform unauthorized functions, and then hide all traces of its existence.

Adware

A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.

Advanced Persistent Threat (APT)

A sophisticated, long-running computer hack that is perpetrated by large, well-funded organizations

Rootkit

A tool that obtains the highest level of privilege on a device.

Spyware

A type of Malware that locates and saves data from users without them knowing about it.

Downloader

A type of Trojan designed to transfer other malware onto a PC via an Internet connection.

Metamorphic Virus

A virus that alters how it appears to avoid detection.

polymorphic virus

A virus that can change its own code or periodically rewrites itself to avoid detection

stealth virus

A virus that temporarily erases its code from the files where it resides and hides in the active memory of the computer.

Macro Virus

A virus that's distributed by hiding it inside a macro.

zero-day exploit

A vulnerability that is exploited before the software creator/vendor is even aware of its existence.

payload

The destructive event a virus was created to deliver.

Worm

Several users' computers are no longer responding normally and are sending out spam email to the users' entire contact list. This is an example of a _________ outbreak.

Virus

Code embedded within a program that causes a copy of itself to be inserted in one or more other programs. In addition to propagation, the virus usually performs some unwanted function.

botnet

Collection of bots capable of acting in a coordinated manner

Prevention

The ideal solution to the threat of malware is __________.

dormant phase

During the ________ the virus is idle.

Social Engineering

Which of the following is an attack where Pete spreads USB thumb drives throughout a bank's parking lot in order to have malware installed on the banking systems?

Virus

Which of the following malware types is BEST described as protecting itself by hooking system processes and hiding its presence?

Infection Vector

How an infection is spread.

Boot-sector infector

Infects a master boot record or boot record and spreads when a system is booted from the disk containing the virus

Malware Countermeasures

Installing anti-malware applications, installing basic internet security applications, and having the data drive scanned and analyzed often

Anti Spam

Jane, a user, has reported an increase in email phishing attempts. Which of the following can be implemented to mitigate the attacks?

False

Keyware captures keystrokes on a compromised system.

Drive-by-Download

Program which automatically downloads when a user visits a web page, usually without their knowledge or consent.

malicious software (malware)

Programs that exploit system and user vulnerabilities to gain access to the computer.

Backdoor

Software code that gives access to a program or a service that circumvents normal security protections.

Mobile Code

Software that is transmitted across the network from a remote source to a local system then executed at the local system

crimeware

Software tools built with the purpose of committing online scams and stealing information from consumers and businesses

True

T/F: A logic bomb is the event or condition that determines when the payload is activated or delivered.

True

T/F: In addition to propagating, a worm usually carries some form of payload.

True

T/F: Malicious software aims to trick users into revealing sensitive personal data.

True

T/F: Packet sniffers are mostly used to retrieve sensitive information like usernames and passwords.

Bots

Takes over another Internet attached computer and uses that computer to launch or manage attacks.

Execution Phase

The __________ is when the virus function is performed.

Data Exfiltration

The unauthorized transfer of data outside an organization.

Spam

Unsolicited bulk e-mail is referred to as __________.

propagate

produce, multiply, spread

Trapdoor

secret point of entry into a program that allows someone who is aware of the trapdoor to gain access without going through the usual security access procedures (like a backdoor)

Infection Mechanism

the __________ is the means by which a virus spreads or propagates.

