13.1 Flashcards
Most common threat to computers
Malware disrupts computers and networks.
It can change configurations, delete files, steal information, or redirect web browsers.
Viruses
First and most common type of malware
Viruses require user action to spread.
They attach to programs or documents and infect the computer when opened.
Trojan Horses
Disguised malicious programs
Trojan horses appear useful but contain hidden malware.
They are often downloaded with free software.
Types of Malware
Adware: displays unwanted ads
Ransomware: encrypts files and demands a ransom
Rootkits: gain administrator access
Spyware: steals user information
Worms: self-replicating programs
Anti-Malware Software
Anti-malware software protects computers from malware.
It detects and blocks various threats.
It updates regularly with new threat signatures.
Signature File Updates
Anti-malware software needs regular updates to detect new threats.
Download updates from the manufacturer’s website or trusted mirrors.
Remediating Infected Systems
Removing malware may require rebooting in Safe Mode.
A specialist might be needed for complete cleaning.
Reformat and reinstall the OS as a last resort.
Delete system restore files after cleaning.
Network Attacks
Networks are targets
Attackers use various tools to gather information about target networks.
They then exploit vulnerabilities to gain access or disrupt operations.
Network Attacks - Types
Denial-of-Service (DoS): overwhelms a target with traffic
Distributed DoS (DDoS): uses multiple attackers
DNS Poisoning: redirects users to malicious servers
Man-in-the-Middle: attacker intercepts communication between two hosts.
Spoofing: attacker disguises their identity
Zero-Day
Zero-day refers to a newly discovered vulnerability.
Software is vulnerable until a patch is released.
Protecting Against Network Attacks
A layered security approach is essential.
Secure all network devices (routers,
switches).
Stay updated on vulnerabilities and apply patches promptly.
Social Engineering
Social engineering deceives users into giving away confidential information.
It exploits human trust and willingness to help.
Social Engineering Techniques
Pretexting: creating a false scenario to obtain information
Phishing: sending fraudulent emails disguised as trusted sources
Spam: unsolicited emails with malicious content
Baiting: leaving infected media in public places
Impersonation: pretending to be someone else
Shoulder surfing: stealing information by looking over someone’s shoulder