Chap 21: Malicious Code and Application Attacks Flashcards

1
Q

Understand the propagation techniques used by viruses.

A

Viruses use four main propagation techniques—file infection, service injection, boot sector infection, and macro infection—to penetrate systems and spread their malicious payloads. You need to understand these techniques to effectively protect systems on your network from malicious code.

2
Q

Explain the threat posed by ransomware.

A

Ransomware uses traditional malware techniques to infect a system and then encrypts data on that system using a key known only to the attacker. The attacker then demands payment of a ransom from the victim in exchange for providing the decryption key.

3
Q

Know how antivirus software packages detect known viruses.

A

Most antivirus programs use signature-based detection algorithms to look for telltale patterns of known viruses. This makes it essential to periodically update virus definition files in order to maintain protection against newly authored viruses as they emerge. Behavior-based detection monitors target users and systems for unusual activity and either blocks it or flags it for investigation.

4
Q

Explain how user and entity behavior analytics (UEBA) functions.

A

UEBA tools develop profiles of individual behavior and then monitor users for deviations from those profiles that may indicate malicious activity and/or compromised accounts.

5
Q

Be familiar with the various types of application attacks attackers use to exploit poorly written software.

A

Application attacks are one of the greatest threats to modern computing. Attackers exploit buffer overflows, backdoors, time-of-check-to-time-of-use vulnerabilities, and rootkits to gain illegitimate access to a system. Security professionals must have a clear understanding of each of these attacks and associated countermeasures.

6
Q

Understand common web application vulnerabilities and countermeasures.

A

As many applications move to the web, developers and security professionals must understand the new types of attacks that exist in this environment and how to protect against them. The two most common examples are cross-site scripting (XSS) and SQL injection attacks.
