Chapter 21 Malicious Code and Application Attacks

Question 1

______ store the majority of
their code on another portion of the storage media.

master boot record infection file infection
macro infection
service injection

Answer 1

master boot record infection

Question 2

may slightly alter the code of an executable program, thereby implanting
the technology the virus needs to replicate and damage the system.

master boot record infection file infection
macro infection
service injection

Answer 2

file infection

Question 3

_____ first appeared on the scene in the mid-1990s, utilizing crude technologies
to infect documents created in the popular Microsoft Word environment.

master boot record infection file infection
macro infection
service injection

Answer 3

macro infection

Question 4

______ —injecting themselves into trusted runtime processes
of the operating system, such as svchost.exe, winlogin.exe, and explorer.exe

master boot record infection file infection
macro infection
service injection

Answer 4

Service Injection Viruses

Question 5

________ use more than one propagation technique in an attempt to penetrate systems that defend against only one method or the other

master boot record infection file infection
macro infection
service injection

Answer 5

Multipartite viruses

Question 6

___________ hide themselves by actually tampering with the operating
system to fool antivirus packages into thinking that everything is functioning normally.

master boot record infection file infection
macro infection
service injection

Answer 6

Stealth viruses

Question 7

____ do not generate modified signatures by changing their code;
instead, they alter the way they are stored on the disk.

master boot record infection file infection
macro infection
service injection

Answer 7

Encrypted viruses

Question 8

malicious code objects that infect a system and lie dormant until they are triggered by the
occurrence of one or more conditions such as time, program launch, website logon, and
so on

Answer 8

Logic Bombs

Question 9

a software program that appears benevolent but carries a malicious,
behind-the-scenes payload that has the potential to wreak havoc on a system or network.

Answer 9

Trojan Horses

Question 10

propagate themselves

without requiring any human intervention.

Answer 10

Worms

Question 11

_______ monitors your actions and transmits important details to a remote system that spies on your activity

Spyware
Adware

Answer 11

Spyware

Question 12

_______ uses a variety of techniques to display advertisements on infected computers.

Spyware
Adware

Answer 12

Adware

Question 13

________ occurs when a program checks access permissions too far in advance of a resource
request.

Answer 13

time-of-check-to-time-of-use (TOCTTOU or TOC/TOU)

Question 14

undocumented command sequences that allow individuals with knowledge
of the back door to bypass normal access restrictions.

Answer 14

Back Doors

Question 15

Unix operating systems store encrypted versions of a user’s password in the _______ file.

Answer 15

/etc/passwd

Question 16

_____ _______ _______ attacks occur when web applications contain some type of reflected input.

Answer 16

Cross-Site Scripting (XSS)