CH 8
What is a major drawback of most antivirus software?
It must have the latest virus definitions.
Microsoft Office and other office suite applications have a feature that should be turned off to prevent malware from executing or spreading. What feature should be disabled?
Macro feature
What technique might a malware author use that would be most effective to evade detection by anti-malware software?
Polymorphism
In virus scanning, what is the telltale sign of a virus?
Signature
Which of the following malware achieved a historical first by causing physical damage to a nuclear reactor facility?
Stuxnet
Which of these technologies would you use to remove malware in the network before it got to the endpoint?
Unified threat management device
Which of the following is an application that does not need a host or human interaction to disrupt and corrupt data?
Worm
Software that creates pop-up advertisement messages while visiting websites is known as what?
Adware
Which type of network uses a group of zombie computers to carry out the commands of the bot master?
Botnet
What tool could you safely use to perform dynamic analysis on a malware sample?
Cuckoo Sandbox
Due to the ILOVEYOU virus, Microsoft implemented a new business practice in its software to prevent such attacks from occurring again. What was it?
Disabling the macro features in Microsoft Office by default
Apache OpenOffice and Microsoft Office have a built-in feature that allows the user to automate a series of specified commands. These commands usually assist with daily routine tasks. This feature can be used in conjunction with launching malware. What feature is this?
Macro
What is the biggest drawback of using anti-malware software?
It must have up-to-date virus definitions.
Which of the following is used for recording keystrokes at a terminal or keyboard using malicious software?
Key logger
What technique would a malware author use to try to make it past an anti-malware solution?
Obfuscation
Which type of malware is likely the most impactful?
Ransomware
Malware installed at the kernel level is very difficult to detect with products such as antivirus and anti-malware programs. What is this type of malware called?
Rootkit
A user reports that they have downloaded a music file from the Internet. They inform you that when they opened the file, it seemed as though it installed an application, and then the user was prompted to send a payment of $500 to a PayPal account to get the key to decrypt their hard drive. The user no longer has access to their desktop. What could be the issue?
The user downloaded and installed ransomware.
Why would an attacker use a Trojan?
To get a user to run it
An application that is designed to look like a known legitimate application but is actually malicious in nature is considered what type of malware?
Trojan