IS3340 CHAPTER 5 Flashcards

1
Q

Software that intercepts all incoming (and optionally outgoing) information, scanning each message or file for malware content is called ___?

A

ANTI-MALWARE SHIELD

2
Q

Software designed to detect and mitigate spyware is called ___?

A

ANTI-SPYWARE SOFTWARE

3
Q

Software designed to detect and mitigate some types of malware, including mainly viruses, worms, and Trojan horses is called ___?

A

ANTIVIRUS SOFTWARE

4
Q

A condition in which a running program stores data that is larger than the memory location set aside for the data is called ___?
The extra data spills over into adjacent memory, causing other data and possibly instructions to be overwritten. An attacker can place specific data in this area to change the instructions a program executes.

A

BUFFER OVERFLOW

5
Q

The practice of identifying malware based on previous experience is called ___?

A

HEURISTICS

6
Q

Software that is designed to infiltrate a target computer and make it do something the attacker has instructed it to do is called ___?

A

MALICIOUS SOFTWARE

7
Q

A common term used to describe malicious software, including viruses, worms, and Trojan horses, especially in combinations, is ___?

A

MALWARE

8
Q

Software that modifies or replaces one or more existing programs, often part of the operating system, to hide the fact a computer has been compromised is called a ___?

A

ROOTKIT

9
Q

The unique set of instructions that make up an instance of malware and distinguish it from other malware is called ___?

A

SIGNATURE

10
Q

An organized collection of malware signatures used by antivirus or anti-spyware (or other anti-malware) software to identify malware is called ___?

A

SIGNATURE DATABASE

11
Q

Software that covertly monitors and records pieces of information such as Web surfing activities and all data processed by the browser is called ___?

A

SPYWARE

12
Q

Software that masquerades as an apparently harmless program or data file but contains malware instructions is called ___?

A

TROJAN HORSE

13
Q

A software program that attaches itself to, or copies itself into, another program for the purpose of causing the computer to follow instructions that were not intended by the original program developer is called ___?

A

VIRUS

14
Q

Active malware that either exploits an unknown vulnerability or one for which no fix has yet been released is called ___?

A

ZERO-DAY ATTACK

15
Q

Which type of malware is a standalone program that replicates and sends itself to other computers?

  1. Worm
  2. Virus
  3. Rootkit
  4. Trojan

A

Worm

16
Q

Which type of malware modifies or replaces parts of the operating system to hide the fact that the computer has been compromised?

  1. Worm
  2. Virus
  3. Rootkit
  4. Trojan

A

Rootkit

17
Q

Which type of malware disguises itself as a useful program?

  1. Worm
  2. Virus
  3. Rootkit
  4. Trojan

A

Trojan

18
Q

Which term describes a unique set of instructions that identify malware code?

  1. Fingerprint
  2. Signature
  3. Rule set
  4. Heuristic

A

Signature

19
Q

Which of the following terms means identifying the malware based on past experience?

  1. Heuristic analysis
  2. Log file analysis
  3. Signature analysis
  4. Historical analysis

A

Heuristic analysis

20
Q

A signature database that is one month old may potentially expose that computer to how many new threats?

  1. 200
  2. 1400
  3. 3000
  4. 6000

A

6000

21
Q

Which of the following terms describes a secure location to store identified malware?

  1. Safe
  2. Vault
  3. Signature database
  4. Secure Storage

A

Vault

22
Q

Which of the following anti-malware components is also referred to as a real-time scanner?

  1. Shield
  2. Scanner
  3. Heuristic engine
  4. Antivirus software

A

Shield

23
Q

Which anti-malware tool is included with Windows 7?

  1. Windows AntiVirus
  2. Windows Doctor
  3. Windows Defender
  4. Windows Sweeper

A

Windows Defender

24
Q

Which of the following best describes a zero-day attack?

  1. Malware that no longer is a threat
  2. Malware that can exploit a vulnerability but has not yet been released
  3. Malware that is actively exploiting vulnerabilities on computers that have not applied the latest patches
  4. Malware that is actively exploiting an unknown vulnerability

A

Malware that is actively exploiting an unknown vulnerability

25
Q

What is the best first step to take when malware is discovered soon after installing new software?

  1. Uninstall the new software
  2. Scan for malware
  3. Update the new software
  4. Install additional anti-malware software

A

Uninstall the new software

26
Q

What is the best first step to take if initial actions to remove malware are not successful?

  1. Install additional anti-malware software
  2. Rescan for malware
  3. Update the signature database
  4. Disconnect the computer from the network

A

Disconnect the computer from the network

27
Q

The Morris worm exploited this vulnerability:

____?

A

Buffer overflow

28
Q

Which type of malware primarily collects pieces of information covertly?

  1. Spyware
  2. Trojan
  3. Virus
  4. Rootkit

A

Spyware

29
Q

Why is a rootkit so difficult to detect?

  1. Most anti-malware tools don’t scan for rootkits
  2. A rootkit gives administrator privileges to an attacker
  3. A rootkit does not run in memory
  4. A rootkit may have modified the tools used to detect it

A

A rootkit may have modified the tools used to detect it