CH10: Malicious Software
5. _________ can result in pop-up ads or redirection of a browser to a commercial site. A. Adware B. Bots C. Flooders D. Kits
A. Adware
2. __________ is software (macro, or other portable instruction) that can be shipped unchanged to a heterogeneous collection of platforms and execute with identical semantics. A. Mobile code B. Adware C. Rootkit D. Spyware
A. Mobile code
3. A __________ is a program that installs other items on a machine that is under attack. A. logic bomb B. downloader C. flooder D. none of the above
B. downloader
9. A __________ virus is a virus that mutates with every infection, making detection by the "signature" of the virus impossible. A. encrypted B. polymorphic C. stealth D. metamorphic
B. polymorphic (should be B&D)
7. During the __________ phase the virus places a copy of itself into other programs or into certain system areas on the disk. A. dormant B. propagation C. triggering D. execution
B. propagation
6. The _________ is the event or condition that determines when the payload is activated or delivered. A. propagation phase B. trigger C. infection mechanism D. execution
B. trigger
8. A(n) _________ virus is a form of virus explicitly designed to hide itself from detection by antivirus software. A. encrypted B. polymorphic C. stealth D. metamorphic
C. Stealth
1. A ________ lies dormant until a predefined condition is met; the program then triggers an unauthorized act. A. rootkit B. worm C. logic bomb D. keylogger
C. logic bomb
4. _________ is software that collects information from a computer and transmits it to another system. A. Exploit B. Flooder C. Trojan horse D. Spyware
D. Spyware
10. A worm typically uses the __________. A. dormant phase B. execution phase C. triggering phase D. all of the above
D. all of the above
2. Payloads include those used by viruses, worms, and trojans.
F
3. Propagation mechanisms include system corruption, bots, phishing, spyware, and rootkits.
F
8. A virus, although attached to an executable program, cannot do anything that the program is permitted to do.
F
9. Microsoft Word, Excel files, and Adobe PDF are document files that are safe from being infected by viruses.
F
5. __________ capture keystrokes on a compromised system.
Keyloggers
8. _________ viruses infect scripting code used to support active content in a variety of user document types.
Macro
10. The earliest significant worm infection was released onto the Internet by _________ in 1988.
Robert Morris
4. ___________ programs are used to send large volumes of unwanted e-mail.
Spam
1. Malicious software constitutes one of the most significant categories of threats to computer systems.
T
10. Viruses often morph to evade detection.
T
4. A backdoor is any mechanism that bypasses a normal security check.
T
5. Usually, a downloader is sent in an e-mail.
T
6. A zombie is a program activated on an infected machine that is activated to launch attacks on other machines.
T
7. Malware can be put into two broad categories, based first on how it spreads or propagates to reach the desired targets and then on the actions or payloads it performs once a target is reached.
T
3. A _________ is a computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms.
Trojan horse
7. A __________ uses multiple methods of infection or propagation to maximize the speed of contagion and the severity of the attack.
blended attack
9. The first function in the propagation phase for a network worm is for it to search for other systems to infect, a process known as scanning or __________.
fingerprinting
6. A __________ is a set of hacker tools used after an attacker has broken into a computer system and gained root-level access.
rootkit
1. A _________ is malware that, when executed, tries to replicate itself into other executable code; when it succeeds the code is said to be infected.
virus
2. A _________ is a computer program that can run independently and can propagate a complete working version of itself onto other hosts on a network.
worm