chap13 Flashcards

1
Q

Malware is an abbreviation of what?
How does malware get on your computer?
  • User visiting an infected website
  • User has outdated antivirus software
  • Web browser not patched for a new vulnerability
  • Downloading a “free” program
  • Opening unsolicited email
  • Exchanging files on file sharing sites
  • Computer infected by another infected host
  • Inserting a USB stick that you found in a public area
  • Opening attachments sent in instant messenger, social media, etc.

A
  • Malicious software.
2
Q

  1. A ___ system is one which **has not been updated** with operating system or application patches, or is missing antivirus and firewall security software.
  2. ___ systems are those for which the vendor no longer provides support or fixes for vulnerabilities.

A
  1. A non-compliant system
  2. Legacy system
3
Q

  1. You opened an email attachment and suddenly your computer shut down. You try to reboot it but it keeps shutting down.
  2. You just downloaded and installed a free game and suddenly a new “search” toolbar has appeared in your browser.
  3. A cybercriminal has installed a very hard to detect malware on your computer **to gain system-level privileges** and can now control it remotely.

A

  1. Virus
  2. Adware
  3. Rootkit

4
Q

Unsuspecting users download and install the game, installing the Trojan malware.

What are the 8 types of Trojan?

A
  1. Remote access - enables unauthorized access
  2. Data sending - gives passwords
  3. Destructive - corrupts files
  4. Proxy - uses the victim's computer to launch illegal attacks
  5. FTP - unauthorized file transfer
  6. Keylogger - attempts to steal info (credit cards, keystrokes)
  7. DoS - halts network activity
  8. Security software disabler - stops antivirus/firewalls from functioning
5
Q

Types of Malware
1. Can display unsolicited advertising using pop-up web browser windows or new toolbars, or unexpectedly redirect a webpage to a different website.
2. Denies a user access to their files by encrypting the files and then displaying a message demanding a ransom for the decryption key. (Bitcoin)
3. Can alter firewall and antivirus protection to gain administrator-account-level access to a computer.
4. Can be a low threat, gathering browsing data, or a high threat, capturing personal and financial information.
5. Self-replicating program; its aim is usually to slow or disrupt network operations.

A
  1. Adware
  2. Ransomware
  3. Rootkit
  4. Spyware
  5. Worm
6
Q

The 7-step procedure for malware removal

A
  1. Identify and research malware symptoms
  2. Quarantine the infected systems
  3. Disable System Restore (in Windows)
  4. Remediate infected systems
  5. Schedule scans and run updates
  6. Enable System Restore and create restore points (in Windows)
  7. Educate the end user
7
Q
  1. An attacker intercepts communication between computers to steal information transiting through the network.
  2. Creates many requests from a single source, aiming to overwhelm the destination device.
  3. Uses a forged IP or MAC address to pretend to be a trusted computer to gain access to resources.
A
  1. Man-in-the-middle
  2. DoS
  3. Spoofing
8
Q
  1. Data transmissions are intercepted and recorded by an attacker. They are then sent to the destination computer. The destination computer handles these transmissions as though they are authentic.
  2. This attack randomly opens TCP ports at the source of the attack with a large amount of false SYN requests. This causes sessions to be denied to others
    ..
    when threat is detected..
  3. This is the day that an unknown vulnerability has been discovered by the vendor. The term is a reference to the amount of time that a vendor has had to address the vulnerability.
  4. This is the moment when the exploit is discovered.
A
  1. Replay
  2. SYN flood
  3. Zero-day
  4. Zero-hour
9
Q
  1. A corporate executive has asked the IT department to provide a solution to ensure data security of removable drives that are being taken off the premises. Which security solution should be recommended?
  • BitLocker To Go
  • TPM
  • VPN
  2. As data is being stored on a local hard disk, which method would secure the data from unauthorized access?
  • a duplicate hard drive copy
  • data encryption
  • deletion of sensitive files
  • two factor authentication

A

  1. BitLocker To Go
  2. Data encryption

10
Q
  1. Which type of hard drive format is commonly performed at the factory where the drive is assembled?
  • EFS
  • low-level
  • multifactor
  • standard
  2. A technician has recently changed jobs from supporting a small company to a large company in the security group. What are two types of passwords the larger company could use to secure a workstation? (Choose two.)
  • BIOS
  • cryptic
  • login
  • multifactor
  • synchronous

A

  1. Low-level
  2. BIOS, login

11
Q

  1. A corporate employee has recently taken the mandated security awareness training and wants to use the correct security term. Which issue can occur when browsing the internet and is often initiated by the destination website?
  • autorun
  • phishing
  • pop-up
  2. When configuring Windows security, which term is used to mean a rule associated with an object such as a folder or printer?
  • ActiveX
  • firewall
  • permission
  • right
  3. Which two characteristics of network traffic are being monitored if a network technician configures the company firewall to operate as a packet filter? (Choose two.)
  • packet speed
  • MAC addresses
  • packet size
  • ports
  • protocols

A

  1. Pop-up
  2. Permission
  3. Ports, protocols
