1.2 Given a scenario, analyze potential indicators to determine the type of attack. Flashcards

1
Q

Malware

A

Malware or malicious code is any element of software that performs an unwanted function from the perspective of the legitimate user or owner of a computer system.

2
Q

Ransomware

A

Ransomware is a form of malware that takes over a computer system, usually by encrypting user data, to hinder its use while demanding payment.

3
Q

Trojan

A

A Trojan or Trojan horse is a means of delivering malicious software by disguising it inside something useful or legitimate.

4
Q

Worms

A

Worms are designed to exploit a specific vulnerability in a system and then use that flaw to replicate themselves to other systems. Worms typically focus on replication and distribution, rather than on direct damage and destruction.

5
Q

PUPs

A

Potentially unwanted programs (PUPs) are any type of questionable software. Anything that is not specifically malware but still otherwise unwanted on a typical computer system could be considered a PUP.

6
Q

Fileless virus

A

Fileless viruses reside in memory only and do not save themselves to the local storage devices.

7
Q

Command and control

A

Command and control (C&C) is an intermediary communication service often used by botnets.

8
Q

Bots and Botnets

A

Bots are the infection agents that make up a botnet. A botnet is a network of systems infected by malicious software agents controlled by a hacker to launch massive attacks against targets.

9
Q

Cryptomalware

A

Cryptomalware is a form of malware that uses the system resources of an infected computer to mine cryptocurrencies.

10
Q

Logic Bombs

A

A logic bomb is a form of malicious code that remains dormant until a triggering event or condition occurs.

11
Q

Spyware

A

Spyware is any form of malicious code or even business or commercial code that collects information about users without their direct knowledge or permission.

12
Q

Adware

A

Adware displays pop-up or alternate advertisements to users based on their activities, URLs they have visited, applications they have accessed, and so on.

13
Q

Keylogger

A

A keylogger is a form of unwanted software that records the keystrokes typed into a system’s keyboard.

14
Q

RAT

A

A remote-access Trojan (RAT) is a form of malicious code that grants an attacker some level of remote-control access to a compromised system.

15
Q

Rootkits

A

A rootkit is a special type of hacker tool that embeds itself deep within an operating system (OS), where it can manipulate information seen by the OS and displayed to users.

16
Q

Backdoor Attacks

A

There are two types of backdoor attacks: a developer-installed access method that bypasses any and all security restrictions, or a hacker-installed remote-access client.

17
Q

Password Attacks

A

Password attacks are collectively known as password cracking or password guessing. Forms of password attacks include brute force (also known as a birthday attack), dictionary, hybrid, and rainbow tables.

18
Q

Spraying and Stuffing

A

Spraying or stuffing of passwords/credentials is the attempt to log into a user account by repeatedly submitting generated or pulled-from-a-list credentials.

19
Q

Dictionary Attacks.

A

A dictionary attack performs password guessing by using a preexisting or precompiled list of possible passwords.

20
Q

Brute-force attacks

A

A brute-force attack tries every valid combination of characters to construct possible passwords.

21
Q

Understand online vs. offline password cracking

A

An online password attack occurs against a live logon prompt. An offline attack is one where the attacker is working on their own independent computers to compromise a password hash.

22
Q

Rainbow Tables.

A

Rainbow tables take advantage of a concept known as a hash chain. They offer relatively fast password cracking, but at the expense of spending the time and effort beforehand to craft the rainbow table hash chain database.

23
Q

Malicious USB cables and flash drives

A

A malicious universal serial bus (USB) cable or flash drive is a device crafted to perform unwanted activities against a computer and/or mobile device or peripheral without the victim realizing the attack is occurring. Attacks include exfiltrating data and injecting malware.

24
Q

Card cloning and skimming

A

Card cloning is the duplication of data (skimming) from a targeted source card onto a blank new card.

25
Q

Adversarial AI.

A

Adversarial artificial intelligence (AI) (AAI) or adversarial machine learning (ML) (AML) is a training or programming technique where computational systems are set up to operate in opposition to automate the process of developing system defenses and attacks. This is also called a generative adversarial network (GAN).

26
Q

Supply-chain attacks

A

Supply chain attacks could result in flawed or less reliable products or could allow for remote access or listening mechanisms to be embedded into otherwise functioning equipment.