Indicators Of Compromise Flashcards

1
Q

An artifact that indicates an intrusion with high confidence. It is a way to tell if a machine has been a victim of malware.

A

Indicators of compromise

2
Q

Common Definition: The specific address of a webpage within a domain.

IOC use: Tracking the URLs or domains that malware uses can also be used to determine if a machine is infected.

A

URLs/Domains

3
Q

Common Definition: Refers to the permanent conversion of data into a message digest, whereas encryption works both ways and can encode and decode the data.

IOC use: files that are known to be malicious. This can help in identifying trojans and worms.

A

Hash

4
Q

Common Definition: Unique numerical identifier for every device or network that connects to the internet.

IOC use: Tracking the _____ which malware connects to can be used to determine if a machine is infected.

A

IP address

5
Q

Common Definition: Refers to a unique term or name generated by antivirus software to identify malicious code.

IOC use: Executables and other files can be scanned for specific sequences of bytes which are unique to a particular virus. In this way, even if the malware is hiding within another file, it can still be detected.

A

Virus definition/Signature
