IS3340 CHAPTER 5

Question 1

Software that intercepts all incoming (and optionally outgoing) information, scanning each message or file for malware content is called ___?

Answer 1

ANTI-MALWARE SHIELD

Question 2

Software designed to detect and mitigate spyware is called ___?

Answer 2

ANTI-SPYWARE SOFTWARE

Question 3

Software designed to detect and mitigate some types of malware, including mainly viruses, worms, and Trojan horses is called ___?

Answer 3

ANTIVIRUS SOFTWARE

Question 4

A condition in which a running program stores data that is larger than the memory location set aside for the data is called ___?
The extra data spills spills over into adjacent memory, causing other data and possibly instructions to be overwritten. An attacker can place specific data in this area to change the instructions a program executes.

Answer 4

BUFFER OVERFLOW

Question 5

The practice of identifying malware based on previous experience is called ___?

Answer 5

HEURISTICS

Question 6

Software that is designed to infiltrate a target computer and make it do something the attacker has instructed it to do is called ___?

Answer 6

MALICIOUS SOFTWARE

Question 7

A common term used to describe malicious software, including viruses, worms, and Trojan horses, especially in combinations is called ___?

Answer 7

MALWARE

Question 8

Software that modifies or replaces one or more existing programs, often part of the operating system, to hide the fact a computer has been compromised is called a ___?

Answer 8

ROOTKIT

Question 9

The unique set of instructions that make up an instance of malware and distinguish it from other malware is called ___?

Answer 9

SIGNATURE

Question 10

An organized collection of malware signatures used by antivirus or anti-spyware (or other anti-malware) software to identify malware is called ___?

Answer 10

SIGNATURE DATABASE

Question 11

Software that covertly monitors and records pieces of information such as Web surfing activities and all data process by the browser is called ___?

Answer 11

SPYWARE

Question 12

Software that masquerades as an apparently harmless program or data file but contains malware instructions is called ___?

Answer 12

TROJAN HORSE

Question 13

A software program that attaches itself to, or copies itself into, another program for the purpose of causing the computer to follow instructions that were not intended by the original program developer is called ___?

Answer 13

VIRUS

Question 14

Active malware that either exploits an unknown vulnerability or one for which no fix has yet been released is called ___?

Answer 14

ZERO-DAY ATTACK

Question 15

1. Which type of malware is a standalone program that replicates and sends itself to other computers?
2. Worm
3. Virus
4. Rootkit
5. Trojan

Answer 15

Worm

Question 16

2. Which type of malware modifies or replaces parts of the operating system to hide the fact that the computer has been compromised?
3. Worm
4. Virus
5. Rootkit
6. Trojan

Answer 16

Rootkit

Question 17

3. Which type of malware disguises itself as a useful program?
4. Worm
5. Virus
6. Rootkit
7. Trojan

Answer 17

Trojan

Question 18

4. Which term describes a unique set of instructions that identify malware code?
5. Fingerprint
6. Signature
7. Rule set
8. Heuristic

Answer 18

Signature

Question 19

5. Which of the following terms means identifying the malware based on past experience?
6. Heuristic analysis
7. Log file analysis
8. Signature analysis
9. Historical analysis

Answer 19

Heuristic analysis

Question 20

6. A signature database that is one month old may potentially expose that computer to how many new threats?
7. 200
8. 1400
9. 3000
10. 6000

Answer 20

6000

Question 21

7. Which of the following terms describes a secure location to store identified malware?
8. Safe
9. Vault
10. Signature database
11. Secure Storage

Answer 21

Vault

Question 22

8. Which of the following anti-malware components is also referred to as a real-time scanner?
9. Shield
10. Scanner
11. Heuristic engine
12. Antivirus software

Answer 22

Shield

Question 23

9. Which anti-malware tool is included with Windows 7?
10. Windows AntiVirus
11. Windows Doctor
12. Windows Defender
13. Windows Sweeper

Answer 23

Windows Defender

Question 24

10. Which of the following best describes a zero-day attack?
11. Malware that no longer is a threat
12. Malware that can exploit a vulnerability but has not yet been released
13. Malware that is actively exploiting vulnerabilities on computers that have not applied the latest patches
14. Malware that is actively exploiting an unknown vulnerability

Answer 24

Malware that is actively exploiting an unknown vulnerability

Question 25

11. What is the best first step to take when malware is discovered soon after installing new software?
12. Uninstall the new software
13. Scan for malware
14. Update the new software
15. Install additional anti-malware software

Answer 25

Uninstall the new software

Question 26

12. What is the best first step to take if initial actions to remove malware are not successful?
13. Install additional anti-malware software
14. Rescan for malware
15. Update the signature database
16. Disconnect the computer from the network

Answer 26

Disconnect the computer from the network

Question 27

13. The Morris worm exploited this vulnerability:

____?

Answer 27

Buffer overflow

Question 28

14. Which type of malware covertly primarily collects pieces of information?
15. Spyware
16. Trojan
17. Virus
18. Rootkit

Answer 28

Spyware

Question 29

15. Why is a rootkit so difficult to detect?
16. Most anti-malware tools don’t scan for rootkits
17. A rootkit gives administrator privileges to an attacker
18. A rootkit does not run in memory
19. A rootkit may have modified the tools used to detect it

Answer 29

A rootkit may have modified the tools used to detect it