Chapter 6

Question 1

advertising that is integrated into software. it can result in pop-up ads or redirection of a browser to a commercial site

Answer 1

adware

Question 2

set of tools for generating new malware automatically using a variety of supplied propagation and payload mechanisms

Answer 2

attack kit

Question 3

Malicious hacker tools used to break into new machines remotely

Answer 3

auto-rooter

Question 4

any mechanism that bypasses a normal security check; it may allow unauthorized access to functionality in a program, or onto a compromised system.

Answer 4

backdoor (trapdoor)

Question 5

Code that installs other items on a machine that is under attack. it is normally included in the malware code first inserted on to a compromised system to then import a larger malware package.

Answer 5

downloaders

Question 6

An attack using code in a compromised web site that exploits a browser vulnerability to attack a client system when the site is viewed.

Answer 6

drive-by-download

Question 7

code specific to a single vulnerability or set of vulnerabilities.

Answer 7

exploits

Question 8

Used to generate a large columns of data to attack networked computer systems, by carrying out some form of denial-of-service DoS attacks

Answer 8

Flooders (DoS client)

Question 9

captures keystrokes on a compromised system

Answer 9

keyloggers

Question 10

Code inserted into malware by an intruder. a _____ lies dormant until a predefined condition is met; the code then triggers an unauthorized act

Answer 10

logic bomb

Question 11

a type of virus the uses macro or scripting code, typically embedded in a document, and triggered when the document is viewed or edited, to run and replicate itself into other such documents

Answer 11

macro virus

Question 12

software that can be shipped unchanged to a heterogeneous collection of platforms and execute with identical semantics

Answer 12

mobile code

Question 13

Set of hacker tools used after attacker has broken into a computer system and gained root-level access

Answer 13

Rootkit

Question 14

used to send large volumes of unwanted e-mail

Answer 14

Spammer programs

Question 15

Software that collects information from a computer and transmits it to another system by monitoring keystrokes, screen data, and or network traffic; or by scanning files on the system for sensitive information.

Answer 15

spyware

Question 16

A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the ______ program

Answer 16

Trojan horse

Question 17

Malware that, when executed, tries to replicate itself into other executable machine or script code; when it succeeds, the code is said to be infected. when the infected code is executed, the _____ also executes.

Answer 17

Virus

Question 18

A computer program that can run independently and can propagate a complete working version of itself onto other hosts on a network, usually by exploiting software vulnerabilities in the target system.

Answer 18

worm

Question 19

Program activated on an infected machine that is activated to launch attacks on other machines.

Answer 19

Zombie/bot

Question 20

___ ____ uses multiple methods of infection or propagation, to maximize the speed of contagion and the severity of the attack

Answer 20

blended attack

Question 21

These toolkits, ____, now include a variety of propagation mechanisms and payload modules that even novices can combine, select, and deploy.

Answer 21

Crimeware

Question 22

A typical virus goes through which four phases

Answer 22

1) Dormant Phase
2) Propagation Phase
3) Triggering Phase
4) Execution Phase

Question 23

The means by which a virus spreads or propagates, enabling it to replicate. the mechanism is also referred to as the infection vector

Answer 23

infection mechanism

Question 24

the event or condition that determines when the payload is activated or delivered, sometimes known as a logic bomb

Answer 24

trigger.

Question 25

What the virus does, besides spreading. the ____ may involve damage or may involve benign but noticeable activity.

Answer 25

Payload

Question 26

Creates copies during replication that are functionally equivalent but have distinctly different bit patterns, in order to defeat programs that scan for viruses. in this case, the “signature” of the virus will vary with each copy.

Answer 26

Polymorphic virus

Question 27

A search to find other systems to infect

Answer 27

scanning or fingerprinting

Question 28

When some malware encrypts the user’s data, and demands payment in order to access the key needed to recover this information.

Answer 28

ransomware.

Question 29

an attacks on a computer system or network that acauses loss of service to users.

Answer 29

DDoS (Distributed denial-of-service attack)

Question 30

With the help of a botnet and thousands of bots, an attacker is able to send massive amounts of bulk e-mail

Answer 30

spamming

Question 31

bots can also use a packet sniffer to watch for interesting clear-text data passing by a compromised machine. the sniffers are mostly used to retrieve sensitive information like usernames and passwords.

Answer 31

sniffing traffic