malware types


Which action should a system administrator take to prevent further infection of computers on a network with keylogger software or hardware?

Distribute keystroke-encrypting keyboards to all users

Which of the following is an example of evidence that a system has been infected with some type of malware?

Unsolicited pop-up advertisements

A user has contracted a virus that an anti-virus program detects but cannot remove or quarantine. After investigating further, a system administrator notes that the virus is very large but impossible to remove. With which type of virus is the administrator likely dealing?

armored

How is a boot sector virus removed?

boot from a clean source and rewrite the master boot

A network administrator suspects that several computers on the network have been compromised by malware because of the large numbers of TCP connections to a single IP address. Upon checking the IP address' origin, the administrator finds that it belongs to a major political action committee. Which type of malware has infected this network?

botnet

Anti-malware software has evolved to combat various types of malware. For example, pure signature-based anti-malware is no longer used. Which type of virus has been eradicated from the attack surface due to these more sophisticated detection and removal techniques?

camouflage

Although malware programmers are blamed for the increase of widespread malware infections, which of the following is perhaps the number one factor contributing to malware infections?

careless computer users

Viruses and worms both self-replicate (self-propagate) but worms distinguish themselves from viruses in that a worm's purpose is to do what to an infected network?

disrupt by crippling network bandwidth

The Mydoom worm is considered to be the worst worm incident of its type in virus history. Which method do worms, such as Mydoom, commonly use to rapidly spread themselves to millions of computers?

email

In addition to a lockout screen, ransomware can deny a user access to files by using which of the following methods?

encryption

Which of the following is a type of a classic virus that infects executable files, and upon execution of an infected file, infects other files?

file-infecting

Keyloggers appear in two different forms or types. Identify the two types of keyloggers.

hardware and software

A user on a corporate laptop discovers that their bank account and social media accounts have all been hacked. The user has highly secure passwords and has never accessed the accounts on another device. The user brings their laptop to the company's system administrator for review. What does the system administrator find out about the user's computer?

keylogger

Which malware is not typically part of a malware campaign or attack?

logic bomb

The user is not there and emails are coming from the computer

malware

What action determines if a system has malware?

positive results from malware scan

What is the initial goal for an attacker who wants to access a network via backdoor attack?

to gain command and control of the target network

Email actor trying to take control of those systems and establish a presence inside the network

trojan horse

A network administrator had their entire network converted into a botnet. Which type of malware infection did the network administrator find during an investigation?

worm

A rootkit is a particularly dangerous type of malware. What makes it so dangerous?

It takes control of a system at the lowest levels while attempting to hide from detection.

Which feature makes logic bomb malware very difficult to detect and to prevent?

Logic bomb code is inserted during program development and is part of the standard program code.

What is the major benefit to an attacker using a so-called backdoor attack?

The backdoor can help the attacker break into a target's infrastructure without being discovered.

Which vulnerability can make hardware backdoors especially difficult to protect from an attacker?

They only use passwords for access

A user has created a help desk ticket stating that they are unable to open any files on their computer. The user also states that a message is being displayed on the computer demanding the user pay money in order to access the computer files. Which type of malware has infected this user's computer?

ransomware

How to clean up a rootkit infection

reinstall from scratch

How is a remote access Trojan (RAT) different from a regular Trojan horse?

remote access control of computer

A user experiences an unusual and noticeable slowness when connecting to the Internet and other network resources, such as file shares and printers. What course of action does an administrator take in order to investigate further?

scan with anti-malware program

A system administrator has just spent three full days fighting a significant virus infestation on the network. One computer after another became infected during this time. Which virus feature caused multiple computers to become infected?

self-replicating

A user found that their personal data had been exfiltrated from their computer by a malicious program that they clicked on several weeks ago. Which type of malware infected the user's system?

spyware

