2.4.4, 2.4.5, 2.4.6 Flashcards
What are viruses and worms?
Types of malware categorized by their ability to self-replicate.
What distinguishes viruses from worms?
Viruses require user interaction to spread, while worms can spread independently.
What is a characteristic of worms in terms of self-replication?
They do not need to rely on programs to spread.
How can viruses and worms affect a target?
By infecting specific programs on a computer.
By encrypting sensitive data on a local network.
By spreading to the boot sector of the computer.
What is a recommended defense against viruses?
Restricting the level of privilege users and processes natively run in.
What is a common defense measure against both viruses and worms?
Regularly updating antivirus software.
What is adware?
Software that installs extra components to deliver additional advertising, often in the form of pop-up ads.
How does adware affect computer performance?
It slows down computer performance by increasing network traffic.
What is a common method of distributing adware?
Bundling it with free software downloads.
How is spyware different from adware?
Spyware monitors computer and internet usage.
What type of data does spyware typically monitor?
Website visit history and browsing habits.
What is bloatware?
Software that comes pre-installed on devices by manufacturers and consumes system resources.
Why do manufacturers pre-install bloatware on devices?
To generate additional revenue through partnerships with software developers.
What is a keylogger?
A software program that tracks and logs keystrokes on a victim’s keyboard.
Why are keystrokes valuable to attackers?
They contain data such as passwords, usernames, and credit card information.
How do keyloggers capture data other than individual keystrokes?
By taking screenshots, logging items copied to the clipboard, and capturing instant messages.
Why are keyloggers not affected by encryption protection?
Because they intercept keyboard inputs before encryption takes place.
What are some legitimate uses for keyloggers?
Monitoring a child’s online activity.
How did the FBI use a keylogger in an investigation against cybercriminals?
By capturing the suspects’ usernames and passwords.
How do keyloggers spread?
Through email attachments, instant messages, text messages, or visiting malicious websites.
What is a recommended defense against keyloggers when opening email attachments?
Use caution when opening attachments and consider using one-time passwords and multi-factor authentication.
How can password managers help protect against keyloggers?
By not requiring typing the saved password each time for access.
How can alternate keyboard layouts help defend against keyloggers?
By preventing keylogger software from capturing keystrokes.
What is a logic bomb?
A piece of code that waits for specific conditions to be met before executing.
What are triggers in the context of logic bombs?
Specific events or conditions that cause the logic bomb to execute.
What are time bombs?
Logic bombs that detonate after a certain amount of time has passed.
Who is likely to install a logic bomb as an insider threat?
A disgruntled employee with privileged access to computer systems.
Why are logic bombs hard to identify?
They are stealthy by nature and remain inactive until triggered.
What is a recommended defense against logic bombs?
Regularly updating the operating system and patching vulnerabilities.
What is a rootkit?
A type of malware that provides administrative access to a computer while concealing its presence.
What is the main role of a rootkit?
To alter system files and conceal its presence to avoid detection.
Why are rootkits difficult to detect?
Because they alter system files and data reports to avoid detection.
How do rootkits block some antivirus software?
By activating before the operating system boots up.
What type of rootkit overwrites the firmware of the system’s BIOS?
Firmware rootkit.
What is the purpose of Secure Boot in defending against rootkits?
To detect tampering with boot loaders and key operating system files.
Which operating system was targeted by the Machiavelli rootkit?
Mac OS X.
What is Stuxnet?
The first known rootkit for industrial control systems (ICS).