Ch. 6 - Vocab

Question 1

advanced persistent threat

Answer 1

well-resourced, persistent application of intrusion technologies and malware to selected targets

Question 2

adware

Answer 2

form of malware which presents unwanted advertisements to the user

Question 3

attack kit

Answer 3

otherwise known as crimeware

Question 4

backdoor

Answer 4

a secret entry point into a program, used to bypass usual security access procedures

Question 5

blended attack

Answer 5

uses multiple methods of infection to maximize speed of contagion and severity of the attack

Question 6

boot-sector infector

Answer 6

infects a master boot record and spreads when a system is booted

Question 7

bot

Answer 7

a system where malware subverts the computational and network resources of an infected system for use by the attacker

Question 8

botnet

Answer 8

a collection of bots acting in a coordinated manner

Question 9

crimeware

Answer 9

attack kits with a variety of propagation mechanisms and payload modules, which greatly expanded the population of attack that can deploy malware

Question 10

data exfiltration

Answer 10

form of a security breach that occurs when an individual’s or company’s data is copied, transferred, or retrieved from a computer or server without authorization

Question 11

downloader

Answer 11

code that installs other items on a machine that is under attack

Question 12

drive-by-download

Answer 12

exploits browser vulnerability when user views a webpage to download and install malware on the system

Question 13

email virus

Answer 13

a virus which propagates by email

Question 14

infection vector

Answer 14

method that this code uses to propagate itself or infect a computer

Question 15

keylogger

Answer 15

captures keystrokes on the infected machine to allow an attacker to monitor this information

Question 16

logic bomb

Answer 16

code embedded in malware that is set to “explode” when certain conditions are met

Question 17

macro virus

Answer 17

a virus that attaches itself to documents and uses the macro programming capabilities of the document’s application to execute and propagate

Question 18

malicious software

Answer 18

program inserted into a system with the intent of compromising the CIA of the victim’s data, applications, or operating system

Question 19

malware

Answer 19

otherwise known as malicious software

Question 20

metamorphic virus

Answer 20

a virus that rewrites itself completely at each iteration

Question 21

mobile code

Answer 21

programs that can be shipped unchanged to a heterogeneous collection of platforms

Question 22

parasitic virus

Answer 22

type of virus that spreads by attaching itself to another program

Question 23

payload

Answer 23

the variety of actions that a malware uses on a target

Question 24

phishing

Answer 24

gathering sensitive information from a user from having the user fill out a form on a fake website

Question 25

polymorphic virus

Answer 25

creates copies in replication that are functionally equivalent but have different bit patterns, each having a different signature

Question 26

propagate

Answer 26

spread

Question 27

ransomware

Answer 27

malware that encrypts a user's data, and demands payment in order to access the key

Question 28

rootkit

Answer 28

a set of programs to maintain covert access to the system with administrator privileges

Question 29

scanning

Answer 29

searching for other systems to infect

Question 30

spear-phishing

Answer 30

a more dangerous variant of a phishing attack, where the recipients are carefully researched by the attacker , and the email carefully crafted to suits its recipient

Question 31

spyware

Answer 31

allows monitoring of a wide range of activity on the computer

Question 32

stealth virus

Answer 32

designed to hide itself from detection by anti-virus software, using code mutation, compression, or rootkit techniques

Question 33

trapdoor

Answer 33

also known as a backdoor

Question 34

Trojan horse

Answer 34

an apparently useful program containing hidden code that performs some unwanted function

Question 35

virus

Answer 35

piece of software that can infect other programs by modifying them. Consists of three components: infection mechanism, trigger, and a payload. It goes through four phases: dormant, propagation, triggering, and execution phase

Question 36

watering-hole attack

Answer 36

variant of drive-by-download used in highly targeted attacks to minimize visibility

Question 37

worm

Answer 37

a program that actively seeks out more machines to infect, and then each infected machine serves as an automated launching pad for attacks on other machines

Question 38

zombie

Answer 38

also known as a bot

Question 39

zero-day exploit

Answer 39

exploit an unknown vulnerability that is only discovered when the worm is launched