2.3.8 PQ NSF
Which of the following describes a logic bomb? -A program that has no useful purpose but attempts to spread itself to other systems and often damages resources on the systems where it is found. -A program that performs a malicious activity at a specific time or after a triggering event. -A program that appears to be a legitimate application, utility, game, or screensaver that performs malicious activities surreptitiously. -A type of malicious code similar to a virus whose primary purpose is to duplicate itself and spread while not necessarily intentionally damaging or destroying resources.
A program that performs a malicious activity at a specific time or after a triggering event. Explanation: A logic bomb is a program that performs a malicious activity at a specific time or after a triggering event. Logic bombs can be planted by a virus, a Trojan horse, or an intruder. Logic bombs may perform their malicious activity at a specific time and date or when a specific event occurs on the system, such as logging in, accessing an online bank account, or encrypting a file.
Which type of malware is software installed alongside a package selected by the user or bundled with a new computer system? -Bloatware -Spyware -Trojan horse -Logic bomb
Bloatware Explanation: Bloatware (or PUP) is software installed alongside a package selected by the user or perhaps bundled with a new computer system. Unlike a Trojan, the presence of a PUP is not automatically regarded as malicious. It may have been installed without active consent or with consent from a purposefully confusing license agreement.
Which virus operates only in memory and usually exploits a trusted application like PowerShell to circumvent traditional endpoint security solutions? -Remote Access Trojan (RAT) -Fileless malware -Worm -Ransomware
Fileless malware Explanation: Fileless malware operates only in memory to avoid detection by traditional endpoint security solutions that are focused on matching signatures to files that have been written to the hard drive.
Which of the following BEST describes spyware? -It is a program that attempts to damage a computer system and replicate itself to other computer systems. -It monitors the actions you take on your machine and sends the information back to its originating source. -It monitors user actions that denote personal preferences and then sends pop-ups and ads to the user that match their tastes. -It is a malicious program disguised as legitimate software.
It monitors the actions you take on your machine and sends the information back to its originating source. Explanation: Spyware monitors the actions you take on your machine and sends the information back to its originating source.
Which of the following is a type of malware that prevents the system from being used until the victim pays the attacker money? -Fileless virus -Denial-of-service attack (DoS attack) -Remote Access Trojan (RAT) -Ransomware
Ransomware Explanation: A type of malware used to prevent the system from being used until a ransom is paid by the victim is known as ransomware.
Which kind of malware provides an attacker with administrative control over a target computer through a backdoor? -Remote Access Trojan (RAT) -Crypto-malware -Trojan horse -Potentially unwanted program (PUP)
Remote Access Trojan (RAT) Explanation: A Remote Access Trojan (RAT) provides a backdoor for an attacker to remotely control a computer with administrative control. The other types of malware could be used in conjunction with a RAT, but they do not provide remote control access.
Which of the following are characteristics of a rootkit? (Select two.) -Monitors user actions and opens pop-ups based on user preferences. -Collects various types of personal information. -Resides below regular antivirus software detection. -Uses cookies saved on the hard drive to track user preferences. -Requires administrator-level privileges for installation.
Resides below regular antivirus software detection. Requires administrator-level privileges for installation. Explanation: A rootkit is a set of programs that allow attackers to maintain hidden, permanent, administrator-level access to a computer. A rootkit: is almost invisible software; resides below regular antivirus software detection; requires administrator privileges for installation and then maintains those privileges to allow subsequent access; might not be malicious; often replaces operating system files with alternate versions that allow hidden access.
You have installed antivirus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.) -Schedule regular full-system scans. -Disable UAC. -Enable account lockout. -Enable chassis intrusion detection. -Educate users about malware.
Schedule regular full-system scans. Educate users about malware. Explanation: You should schedule regular full-system scans to look for any malware. In addition, educate users about the dangers of downloading software and the importance of anti-malware protections.
What is the primary function of crypto-ransomware? -To spread spam emails from the infected system. -To create a backdoor for remote access to the infected system. -To encrypt files on the infected system and demand a ransom for the decryption key. -To steal sensitive information from the infected system.
To encrypt files on the infected system and demand a ransom for the decryption key. Explanation: Crypto-ransomware encrypts files on the infected system and then demands a ransom, typically in the form of a cryptocurrency like Bitcoin, in exchange for the decryption key.
To prevent malware infection in your network system, you decide that it's critical to prevent malware attacks, such as ransomware and phishing, by restricting access to sites that might be malicious. Which of the following BEST represents this type of prevention technique? -Updating your web browser -Patching the operating system -Web filters -Pop-up blocker
Web filters Explanation: By installing web filters, you can prevent malware attacks, such as ransomware and phishing attacks, which often originate from malicious websites. By restricting access to these sites, web filters significantly reduce the risk of malware infections.