Chapter 2 Key Terms Flashcards
1
Q
spreading rapidly to other systems to impact a large number of users payload RAT circulation trojan
A
circulation
2
Q
the nefarious actions the malware performs flatulence concealment payload capabilitie payload
A
payload capabilities
3
Q
a false warning, often contained in an email message claiming to come from the IT department hoax phishing whaling impersonation
A
Hoax
4
Q
to watch an individual entering the security code on a keypad; a user casually observes someone entering secret information, such as the security code on a door keypad shoulder surfing spear phishing tailgating watering hole attack
A
shoulder surfing
5
Q
delivers advertising content in a manner that is unexpected and unwanted by the user backdoor impersonation adware spyware
A
adware
6
Q
avoiding detection by hiding its presence from software scanners that are looking for malware concealment virus rootkit worm
A
concealment
7
Q
digging through trash receptacles to find information that can be useful in an attack watering hole attack tailgating dumpster diving shoulder surfing
A
dumpster diving
8
Q
a malicious program that uses a computer network to replicate trojan concealment virus worm
A
worm
9
Q
used to delete data; a computer code that is typicaly added to a legitimate program but lies dormant until a specific logical event triggers it logic bomb backdoor time bomb whaling
A
logic bomb
10
Q
an executable program that masquerades as performing a benign activity but also does something malicious worm trojan RAT virus
A
trojan
11
Q
once an authorized person opens the door, one or more individuals can follow behind and also enter dumpster diving mantrap shoulder surfing tailgating
A
tailgating
12
Q
gives access to a computer, program, or service that circumvents any normal security protections social engineering rootkit spyware backdoor
A
backdoor
13
Q
gives the threat actor unauthorized remote access to the victim's computer by using specially configured communication protocols trojan worm RAT virus
A
RAT
14
Q
a means of gathering information for an attack by relying on the weaknesses of individuals phishing whaling gregarious social engineering
A
social engineering
15
Q
sending millions of generic emails; targetting specific users vishing whaling phishing spear phishing
A
spear phishing
16
Q
to masquerade as a real or fictitious character and then play out the role of that person on a victim impersonation hoax identity theft phishing
A
impersonation
17
Q
blocking the user from accessing the computer; encrypting all files on the computer crypto-malware rootkit keylogger ransomware
A
cypto-malware
18
Q
directed toward a smaller group of specific individuals, such as the major executives working for a manufacturing company dumpster diving whaling social engineering watering hole attack
A
watering hole attack
19
Q
a type of malicious software that, when executed, replicates itself by modifying other computer programs and inserting its own code logic bomb concealment worm virus
A
virus
20
Q
silently captures and stores each keystroke that a user types on the computer’s keyboard
keylogger
phishing
whaling
spyware
A
keylogger
21
Q
prevents a user's device from properly and fully fuctioning until a fee is paid spyware crypto-malware ransomware rootkit
A
ransomware
22
Q
tracking software that is deployed without the consent or control of the user spyware adware backdoor social engineering
A
spyware
23
Q
targets the "big fish," namely, wealthy individuals or senior executives within a business who typically would have larger sums of money in a bank account that an attacker could access if the attack is successful phishing spear phishing impersonation whaling
A
whaling
24
Q
once the malware reaches a system, it must embed itself into that system. infection rootkit virus concealment
A
infection
25
```
an attacker calls a victim who, upon answering, hears a recorded message that pretends to be from the user's bank stating that her credit card has experienced fraudulent activity or that her bank account has had unusual activity
vishing
hoax
whaling
phishing
```
vishing
26
Which of the following describes the key difference between vishing and phishing attacks?
A.Phishing is used by attackers to steal a person's identity.
B.Vishing attacks require some knowledge of the target of attack.
C.Vishing attacks are accomplished using telephony services.
D.Phishing is a category of social engineering attack.
C.Vishing attacks are accomplished using telephony services.
27
```
Which of the following works by implanting software on systems but delays execution until a specific set of conditions is met?
A.Logic bomb
B.Trojan
C.Scareware
D.Ransomware
```
A. Logic bomb
28
```
A third-party penetration testing company was able to successfully use an ARP cache poison technique to gain root access on a server. The tester successfully moved to another server that was not in the original network. Which of the following is the MOST likely method used to gain access to the other host?
A.Backdoor
B.Pivoting
C.Persistence
D.Logic Bomb
```
A. Backdoor
29
A systems administrator found a suspicious file in the root of the file system. The file contains URLs, usernames, passwords, and text from other documents being edited on the system. Which of the following types of malware would generate such a file?A.Keylogger
B.Rootkit
C.Bot
D.RAT
Keylogger
30
An attacker wearing a building maintenance uniform approached a company’s receptionist asking for access to a secure area. The receptionist asks for identification, a building access badge and checks the company's list approved maintenance personnel prior to granting physical access to the secure are. The controls used by the receptionist are in place to prevent which of the followingtypes of attacks?A.Tailgating
B.Shoulder surfing
C.Impersonation
D.Hoax
C. Impersonation
