Chapter 2 - Malware And Social Engineering Attacks

Question 1

Malware

Answer 1

Software that enters a computer system without the users knowledge or consent and then performs an unwanted and usually harmful action.

Question 2

The four traits that a malware can possess

Answer 2

1) circulation
- viruses
- worms
2) infection
- Trojans
- ransomware
- crypto-malware
3) concealment
- rootkit
4) payload capabilities

Question 3

Virus

Answer 3

Malicious computer code that reproduces itself on the same computer

Question 4

Worm

Answer 4

A malicious program that uses a computer network to replicate.

Question 5

Trojan

Answer 5

An executable program that is advertised as performing one activity but which also performs a malicious activity.

Question 6

Remote access Trojan (RAT)

Answer 6

A Trojan that also gives the threat agent unauthorized remote access to the victims computer by using specially configured communication protocols.

Question 7

Ransomware

Answer 7

Malware that prevents a users device from properly and fully functioning until a fee is paid.

Question 8

Crypto-malware

Answer 8

Malware that encrypts all the files on the device so that they cannot be opened.

Question 9

Rootkit

Answer 9

Malware that hides its presence or presence of other malware.

Question 10

Spyware

Answer 10

Tracking software that is deployed without the consent or control of the user.

Question 11

Keylogger

Answer 11

Spyware that silently captures and stores each keystroke that a user types on the computers keyboard.

Question 12

Adware

Answer 12

A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.

Question 13

Logic bomb

Answer 13

Computer code that lies dormant until it is triggered by a specific logical event.

Question 14

Back door

Answer 14

Software code that gives access to a computer, program, or a service that circumvents any normal security protections.

Question 15

Bot (zombie)

Answer 15

An infected computer that is under the remote control of an attacker for the purpose of launching attacks.

Question 16

Phishing

Answer 16

Sending an email or displaying a web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information.

Question 17

Spear phishing

Answer 17

A phishing attack that targets only specific users.

Question 18

Whaling

Answer 18

A phishing attack that targets only wealthy individuals.

Question 19

Vishing

Answer 19

A phishing attack that uses telephone calls instead of emails.

Question 20

Hoax

Answer 20

False warning.

Question 21

Watering hole attack

Answer 21

A malicious attack that is directed toward a smaller group of specific individuals by embedding malware in a website frequented by these individuals.

Question 22

Tailgating

Answer 22

When an unauthorized individual enters a restricted-access building by following an authorized user.

Question 23

Shoulder surfing

Answer 23

Watching a user enter secret information. (On a keypad)