Computer Security Midterm2 CH 9
T
A Trojan horse is an apparently useful program containing hidden code that, when invoked, performs some harmful function. (True Or False)
DDoS
A __________ attack is a bot attack on a computer system or network that causes a loss of service to users.
botnet
A __________ is a collection of bots capable of acting in a coordinated manner.
drive-by-download
A __________ is when a user views a Web page controlled by the attacker that contains code that exploits a browser bug and downloads and installs malware on the system without the user's knowledge or consent.
macro virus
A __________ uses macro or scripting code, typically embedded in a document and triggered when the document is viewed or edited, to run and replicate itself into other such documents.
stealth
A __________ virus is explicitly designed to hide itself from detection by anti-virus software.
keylogger
A bot can use a __________ to capture keystrokes on the infected machine to retrieve sensitive information.
F
A bot propagates itself and activates itself, whereas a worm is initially controlled from some central facility. (True Or False)
anti-virus
Countermeasures for malware are generally known as _________ mechanisms because they were first developed to specifically target virus infections.
digital immune system
Developed by IBM and refined by Symantec, the __________ provides a malware detection system that will automatically capture, analyze, add detection and shielding, or remove new malware and pass information about it to client systems so the malware can be detected before it is allowed to run elsewhere.
dormant phase
During the __________ the virus is idle.
T
E-mail is a common method for spreading macro viruses. (True Or False)
T
Every bot has a distinct IP address. (True Or False)
T
In addition to propagating, a worm usually carries some form of payload. (True Or False)
T
Packet sniffers are mostly used to retrieve sensitive information like usernames and passwords. (True Or False)
T
Programmers use backdoors to debug and test programs. (True Or False)
prevention
The ideal solution to the threat of malware is __________.
spam
Unsolicited bulk e-mail is referred to as __________.
Mobile
__________ code refers to programs that can be shipped unchanged to a heterogeneous collection of platforms and execute with identical semantics.
Ransomware
__________ is malware that encrypts the user's data and demands payment in order to access the key needed to recover the information.
Fingerprinting
__________ is the first function in the propagation phase for a network worm.
Generic decryption (GD)
__________ technology is an anti-virus approach that enables the anti-virus program to easily detect even the most complex polymorphic viruses and other malware, while maintaining fast scanning speeds.
Behavior-blocking software
__________ will integrate with the operating system of a host computer and monitor program behavior in real time for malicious actions.