Chapter 5
John is a network security administrator for a mid-sized college. He is trying to explain to a new hire what a virus is. Which of the following is the best definition of virus?
A program that self-replicates
The virus/worm that combined email attachments along with a fake virus warning was the __________ virus.
Bagle
If a program writes more information into the computer's memory than the memory was designed to hold, it is a(n) ___________ attack.
Buffer-overflow
What is the primary way a virus scanner works?
By comparing files against a list of known virus profiles.
You are trying to form policies for your organization that will mitigate the threat of viruses. You want to ensure that you address the most common way for a virus to spread. What is the most common way for a virus to spread?
By email attachment
What other way can a virus scanner work?
By looking at files for virus-like behavior.
What was the name of the very first virus ever detected?
Creeper
In a virus attack, the victim machine is the source.
False
The Sasser virus/buffer overflow attack spreads by copying itself to shared drives and emailing itself out to everyone in your address book.
False
Which of the following is a step that all computer users should take to protect against virus attacks?
Install and use antivirus software.
What factor about the WannaCry virus is especially interesting to security practitioners?
It could have been prevented with good patch management.
What made the Bagle virus so dangerous?
It disabled antivirus software.
Which of the following describes the Bagle virus?
It disabled antivirus software.
The I Love You virus caused harm because ________.
It generated large numbers of emails that bogged down many networks.
The Microsoft Office suite is a tempting target for viruses because ___________.
It is designed so that legitimate programmers can access its internal objects
Which of the following is the primary reason that Microsoft Outlook is so often a target for virus attacks?
It is easy to write programs that access Outlook's inner mechanisms
Jared is explaining various attacks to students in an introduction to cybersecurity class. He wants to make certain they fully understand the different attacks. What does a buffer-overflow attack do?
It puts more data in a buffer than it can hold.
The virus/worm that specifically targets Macintosh computers is ________.
MacDefender
The virus/worm that collected email addresses from your address book and from other documents on your machine was the ________ virus.
Mimail
Shelly is trying to teach new employees how to handle emailed security alerts. Which of the following is true regarding emailed security alerts?
Most companies do not send alerts via email.
Which of the following is a way that any person can use to protect against virus attacks?
Never open unknown email attachments
The virus/worm that sends emails to victims telling them to delete a needed system file is the __________ virus.
Nonvirus
Which of the following is something a Trojan horse might do?
Open a backdoor for malicious software.
What virus exploited buffer overflows?
Sasser virus
What can you do with a firewall to help protect against virus attacks?
Shut down all unneeded ports.
Isabelle is responsible for cybersecurity at her company. She is concerned that a virus would cause damage to the IT systems. What is the most common damage caused by virus attacks?
Slowing down networks by the virus traffic
Which of the following virus attacks used a multimodal approach?
Sobig virus
Malek is explaining various malware types to new technical support personnel so that they can recognize them. What type of malware is a key logger?
Spyware
Which of the following reasons most likely made the Bagle virus spread so rapidly?
The email containing it claimed to be from the system administrator.
The virus/worm transmitted in a zip file attached to an email with an enticing message is __________.
Troj/Invo-Zip
A program that looks benign but actually has a malicious purpose is a _______.
Trojan horse
A rootkit provides the hacker root or privileged access.
True
A virus is any file that can self-replicate.
True
After a virus is on your system, it can do anything a legitimate program can do.
True
Malware that executes when a specific criterion is met is a logic bomb.
True
Malware that is portable to all operating systems or platforms is considered web-based code.
True
The Bagle virus contained email attachments and a fake virus warning.
True
The most common method to deliver spyware to a target system is by using a Trojan horse.
True
The most common way for a virus to spread is by reading your email address book and emailing itself to your contacts.
True
The most common way for a virus to spread is by __________.
Use of your email contact
You are trying to develop methods to mitigate the threat of viruses in your company. Which of the following is a safe way to send and receive attachments?
Use virus scanners before opening attachments.
Any file that can self-replicate is a ________.
Virus
McAfee and Norton are examples of ________.
Virus scanners
The virus/worm that attempts to copy itself to C:\WINDOWS\FVProtect.exe is _______.
Win32/Netsky-P
The virus/worm that specifically targets Linux computers is ________. a. None of the above. b. MacDefender c. Troj/Invo-Zip d. W32/Netsky-P
a. None of the above
A program that can propagate without human interference is a _______.
worm