Chapter 9 Malware, Vulnerabilities and Threats

Question 1

Software exploitation

pg.299

Answer 1

attacks launched against applications and higher level services. They include gaining access to data using weakness int he data access objects of a database or a flaw in a service or appliations

Question 2

Spyware

pg.299

Answer 2

differs from other malware in that it works-often actively- on behalf of a third party. Monitors the users activity and reports it to another party without informing the user

Question 3

Adware

pg.301

Answer 3

primary purpose of the malware application is to deliver ads, then it is classified as adware, can have the same qualities as a spyware, but primary purpose is to display ads and generate revenue for the creator

Question 4

Rootkits

pg.301

Answer 4

software programs that have the ability to hide things for certain operating system. rootkit is able to do this by manipulating functions calls to the operating system and filtering out information that would normally appear

Question 5

Trojan Horses

pg.304

Answer 5

Programs that enter a system or network under the guise of another program. may included as an attachment or as a part of an installation, could create a backdoor or replace a valid program during installation

Question 6

Logic Bombs

pg.307

Answer 6

programs or code snippets that execute when a certain predefined event occurs. A bomb may send a note to an attacker when a user is logged on to the Internet and is using a word processor

Question 7

Backdoors

pg.308

Answer 7

Two different meaning. Original term refers to troubleshooting and developer hooks into systems that often circumvented normal authentication. Second type of backdoor refers to gaining access to a network and inserting a program or utility that creates an entrance for attack

Question 8

Botnets

pg.309

Answer 8

Software running on infected computers called zombies.Runs automatically and automomously

Question 9

Ransomeware

pg.309

Answer 9

Takes control of a system and demands that a third party be paid

Question 10

Virus

pg.310

Answer 10

a piece of software designed to infect a computer system

Question 11

Polymorphic

pg.310

Answer 11

these viruses change form in order to avoid detection

Question 12

Stealth

pg.310

Answer 12

these viruses attack attempt to avoid detection by masking themselves form applications

Question 13

Retroviruses

pg.310

Answer 13

Viruses attack or bypass the antivirus software installed on a computer

Question 14

Multipartite

pg.310

Answer 14

Viruses attack your system in multiple ways

Question 15

Armored

pg.310

Answer 15

Type of virus is one that is designed to make itself difficult to detect or analyze

Question 16

Companion

pg.310

Answer 16

Virus attaches itself to legitimate programs and then creates a program with a different file name extension

Question 17

Phage

pg.310

Answer 17

Virus is one that modifies and alters other programs and databases

Question 18

Macro

pg.310

Answer 18

type of virus exploits the enhancements made to many application programs which are used by programmers to expand the capability of appliations

Question 19

Armored Virus

pg.310

Answer 19

virus designed to make itself difficult to detect or analyze. Armored viruses cover themselves with protective code that stops debuggers or dis assemblers from examining elements of the virus

Question 20

Antivirus Software

pg.317

Answer 20

The primary method of preventing the propagation of malicious code . An application that is installed on a system to protect it and to scan for viruses as well as worms and trojan horses

Question 21

Spam

pg.316

Answer 21

Unwanted, unsolicited email

Question 22

DoS attacks

pg.319

Answer 22

Denial of service attacks prevents access to resources by users authorizes to use those resources

Question 23

DDos

pg.320

Answer 23

distributed denial of service is similar to DoS, amplifies the concepts of DoS by using multiple computer systems to conduct the attack against a single organization

Question 24

Spoofing attack

pg.321

Answer 24

an attempt by someone or something to masquerade as someone else, considered an access attack.

Question 25

ARP spoofing

pg.321

Answer 25

The MAC address Media Access Control, the data is faked

Question 26

DNS spoofing

pg.321

Answer 26

the DNS server is given information about a name server that it thinks is legitimate when it isnt

Question 27

Pharming Attack

pg.322

Answer 27

Pharming is a form of redirection in which traffic intended for one host is sent to another

Question 28

Phishing

pg.322

Answer 28

Phishing is a form of social engineering in which you ask someone for a piece of info that you are missing bu making it look like a legitimate question

Question 29

Spear phishing

pg.323

Answer 29

A unique form of phishing in which a message is made to look as if it came from someone you know and trust as opposed to an informal third party

Question 30

NMAP

pg.324

Answer 30

Known as the XMAS attack, an advance scan that tries to get to get around the firewall detection and look of open ports. Which can run on all operating systems.

Question 31

Man in the middle atack

pg.324

Answer 31

clandestinely places something in between sever and the user abut which neither the servers admin nor the user is aware