Chapter 3 - Open Responses + True/False

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

In a buffer overflow attack, an attacker finds a vulnerability in poorly written code that doesn't check for a defined amount of memory space use.

True

Malware is malicious software, such as a virus, worm, or Trojan program, introduced into a network.

True

Whitelisting allows only approved programs to run on a computer.

True

What is the difference between spyware and adware?

Unlike spyware, adware does not perform malicious acts.

Explain how buffer overflow works

A buffer overflow occurs when a program or process attempts to write more data to a fixed length block of memory (a buffer), than the buffer is allocated to hold. By sending carefully crafted input to an application, an attacker can cause the application to execute arbitrary code, possibly taking over the machine.

What is a DDoS attack?

A denial of service is an action that prevents or impairs the authorized use of networks, systems, or applications by exhausting resources such as CPU, memory, bandwidth and disk space.

Explain how a basic computer virus operates and how it uses other host programs.

A virus operates by inserting or attaching itself to a legitimate program or document that supports macros in order to execute its code. In the process, a virus has the potential to cause unexpected or damaging effects, such as harming the system software by corrupting or destroying data. Computer viruses cannot reproduce and spread without programming such as a file or document.

A DDoS attack is launched against a host from a single server or workstation.

False

Malware programs cannot be detected by antivirus programs.

False

Describe the basic function and creation process of a macro virus.

Macro viruses work by embedding malicious code in the macros that are associated with documents, spreadsheets and other data files, causing the malicious programs to run as soon as the documents are opened. ... Once an infected macro is executed, it will typically infect every other document on a user's computer.

Explain the advantages of application whitelisting?

The most obvious use for application whitelisting is to block malware from entering and executing on endpoints within a network, but one secondary benefit to application whitelisting is the ability to manage, reduce, or control the demand on resources within a network. When employees are able to run only whitelisted applications, system crashes and slowed speeds are not as likely due to increased demands on network resources.

Explain how the two different types of keyloggers are used?

There are two types of keyloggers, based on the method used to log keystrokes: software keyloggers and hardware keyloggers. Hardware-based keyloggers are rare, as they require having physical access to the victim's device in order to manipulate the keyboard. However, software-based keyloggers are much more common, and may affect any device that is not properly protected. Usually, keyloggers are installed on target computers by other malware specimens, such as Trojans or viruses. For example, an attacker may trick the victim into clicking a malicious link, which then downloads the keylogger into the system.


Ensembles d'études connexes

RN pharmacology online practice 2019 B

View Set

Real Estate Practice, Edition 9, Chapter 8 Quiz

View Set

Systematic Reviews and Meta-Analyses

View Set

Arkansas Insurance Exam for Life & Health: Policy Provisions, Riders, & Options

View Set

Lab 6 Muscular System (Appendicular Muscles)

View Set