1.1, 1.2 , 1.6 (Malware, Attacks, Impact of Vulnerabilities)

Question 1

when resources (such as processor and memory) are overloaded

Answer 1

resource exhaustion

Question 2

a result of many DoS and DDos attacks, results in service interruption

Answer 2

resource exhaustion

Question 3

malicious code that attaches itself to an application and runs when application is started

Answer 3

virus

Question 4

often installed by malware on systems to bypass normal authentication methods

Answer 4

backdoor

Question 5

looks legitimate but is actually malicious

Answer 5

trojan

Question 6

can come as pirated software, useful utility, a game, or something else users may be tempted to download

Answer 6

trojam

Question 7

masquerades as an anti-virus software

Answer 7

rogueware

Question 8

type of malware that takes control of a user’s system or data

Answer 8

ransomware

Question 9

installed on users systems without their awareness or consent

Answer 9

spyware

Question 10

this can slow a system down, resulting in poorer performance

A. Adware
B. Trojan
C. Rootkit
D. Spyware

Answer 10

D. Spyware

Question 11

group of programs that hides the fact that the system has been infected or compromised by malicious code

Answer 11

rootkit

Question 12

action that refers to intercepting system-level functions calls, events or messages

Answer 12

hooking

Question 13

system-level/kernel and can modify system files and system access

Answer 13

rootkits

Question 14

hide their running processes to avoid detection with hooking techniques

Answer 14

rootkit

Question 15

practice of sending email to users with purpose of tricking them into revealing personal information or clicking on a link

Answer 15

phishing

Question 16

security feature that prevents code from executing in memory regions marked as non-executable

Answer 16

data execution prevention (DEP)

Question 17

uses existing computer scripts or code to launch attacks

Answer 17

script kiddies

Question 18

type of malware that allows attackers to take control of systems from remote locations

Answer 18

Remote Access Trojan (RAT)

Question 19

sometimes includes a keylogger that records user keystrokes

Answer 19

spyware

Question 20

they can remove user privileges and modify system files

Answer 20

rootkits

Question 21

Antivirus software uses what to detect known malware??

Answer 21

signatures

Question 22

when downloading signatures manually. what can verify the integrity of signature files?

Answer 22

hashes

Question 23

these attacks typically include sustained, abnormally high network traffic. (DoS or DDoS?)

Answer 23

DDoS

Question 24

these attacks change the source IP address

Answer 24

IP spooking

Question 25

attacks that attempt to mislead systems about the actual MAC address of a system.

Answer 25

ARP poisoning

Question 26

this attack can modify the IP address associated (google.com, amazon.com, ebay.com) and replace it with the IP address of a malicious web site

Answer 26

DNS poisoning

Question 27

these policies help protect against brute force attacks

Answer 27

account lockout policies

Question 28

what can thwart dictionary attacks?

Answer 28

complex passwords

Question 29

attack where the attacker is able to create a password that produces same hash as user’s actual password

Answer 29

birthday attack

Question 30

what can thwart replay attacks?

Answer 30

timestamps and sequence numbers

Question 31

takes advantage of session IDs stored in cookies

Answer 31

session hijacking

Question 32

attacker utilizes user’s session ID to impersonate the user

Answer 32

session hijacking

Question 33

process of rewriting the internal processing of the code without changing its external behavior

Answer 33

refactoring code

Question 34

as a result of THIS, an error exposes system memory

Answer 34

buffer overflow

Question 35

occurs when an application receives more data than it can handle, receive unexpected data that exposes system memory

Answer 35

buffer overflow

Question 36

when successful, this attack causes the system to execute malicious code

Answer 36

buffer overflow

Question 37

what can prevent buffer overflow attacks? (not all)

Answer 37

input validation

Question 38

from an administrator’s perspective, what is the true solution for buffer overflow vulnerabilities?

Answer 38

keeping systems up to date with current patches

Question 39

attacks that allow attackers to capture user information such as cookies

Answer 39

cross-site scripting (XSS)

Question 40

what can help prevent cross-site scripting (XSS) attacks?

Answer 40

input validation

Question 41

optimized by an application and converted into an executable file

Answer 41

compiled code

Question 42

code that is evaluated, interpreted and executed when the code is run

Answer 42

runtime code

Question 43

uses a digital signature within a certificate to authenticate and validate software code

Answer 43

code signing

Question 44

these attacks provide information about a database, allows attacker to read and modify the data in it

Answer 44

SQL injection

Question 45

attacker captures data between two entities, modifies it, and then attempts to impersonate one of the parties by replaying the data

Answer 45

replay attacks

Question 46

what is vulnerable to replay attacks? hint: (WPA)

Answer 46

WPA with TKIP

Question 47

wireless network where two or more devices connected together without an AP

Answer 47

ad hoc

Question 48

designed to prevent attackers from impersonating a website using fraudulent certificates

Answer 48

pinning