Practice 7.1.7
What is the main difference between a worm and a virus?
A worm can replicate itself while a virus requires a host for distribution
Which of the following statements about the use of anti-virus software is correct?
Antivirus software should be configured to download updated virus definition files as soon as they become available
What is another name for a logic bomb?
Asynchronous attacker
A collection of zombie computers have been set up to collect personal information. What type of malware do the zombie computers represent?
Botnet
To tightly control the anti-malware settings on your computer, you elect to update the signature file manually. Even though you vigilantly update the signature file, the machine becomes infected with a new type of malware. Which of the following actions would best prevent this scenario from occurring again?
Configure the software to automatically download the virus definition files as soon as they become available
You have installed anti-malware software that checks for viruses in email attachments. You configure the software to quarantine any files with problems. You receive an email with an important attachment, but the attachment is not here. Instead you see a message that the file has been quarantined by the anti-malware software. What has happened to the file?
It has been moved to a secure folder on your computer
Which of the following best describes spyware?
It monitors the actions you take on your mahine and sends the information back to its originating source
Which of the following are characteristics of a rootkit? (2)
Requires administrator-level privileges for installation; Hides itself from detection
Which of the following is undetectable softwre that allows administrator-level access?
Rootkit
You have heard about a new malware program that presents itself to users as a virus scanner. When users run the software, it installs itself as a hidden program that has administrator access to various OS components. The program then tracks system activity and allows an attacker to remotely gain administrator access to the computer. Which of the following terms best describes this software?
Rootkit
You have installed anti-virus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware? (2)
Schedule regulate full system scans; Educate users about malware
What is the primary distinguishing characteristic between a worm and a logic bomb?
Self-replication
Which type of virus conceals its presence by intercepting system requests and altering service outputs?
Stealth
Which is a program that appears to be a legitimate application, utility, game, or screensaver and performs malicious activities surreptitiously?
Trojan horse
If your anti-virus software does not detect and remove a virus, what should you try first?
Update your virus detection software
