Malware Flashcards
Harmful programs used to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems are commonly referred to as:
Malware
Malware that restricts access to a computer system by encrypting files or locking the entire system down until the user performs a requested action is known as:
Ransomware
Which of the following terms refers to an example of crypto-malware?
Ransomware
A type of software that performs unwanted and harmful actions under the guise of a legitimate and useful program is known as:
A Trojan horse
What is an example of spyware?
Keylogger
A collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network is known as:
Rootkit
Definitions of a computer virus: [3]
- A self-replicating computer program containing malicious segment
- Requires its host application to be run to make the virus active
- Attaches itself to an application program or other executable component
A malware-infected networked host under remote control of a hacker is commonly referred to as a:
Botnet
What is the name of a standalone malicious computer program that typically propagates itself over a computer network to adversely affect system resources and network bandwidth?
Worm
Malicious software collecting information about users without their knowledge/consent is known as:
Spyware
What enables troubleshooting a malware-infected system that doesn’t boot up?
Recovery Console
What can be used to launch Windows Recovery Environment (WinRE) in Windows 8/8.1/10? [4]
- Boot from installation media
- In Power menu, hold down the Shift key and select Restart
- Boot from Recovery Drive
- Perform system restart from the Settings menu
What is the most reliable method for effective malware removal?
Restoring the entire system from a known good backup copy
What would be the best malware-prevention method/tool?
End user education
Unified Threat Management (UTM):
- A network security solution, commonly in the form of a dedicated device
- Functionality of a firewall with additional safeguards such as URL filtering, content inspection, spam filtering, gateway antivirus protection, IDS/IPS functionality, or malware inspection.
What can be used by system administrators to selectively block access to known malware sites?
DNS configuration
According to CompTIA’s best practice procedures for malware removal, putting a malware-infected Windows-based system into quarantine should be the next step after:
Identifying and researching malware symptoms
According to CompTIA’s best practice procedures for malware removal, disabling System Restore on a malware-infected Windows-based system should be performed as the next step after:
Isolating the infected system
Which of the following locations in MS Windows provide access to an interface containing options for configuring restore settings, managing disk space, and deleting restore points? [2]
- Windows Run dialog box -> type in sysdm.cpl + press Enter -> System Protection -> Configure
- Control Panel (Icon view) -> Recovery -> Configure System Restore -> Configure
According to CompTIA’s best practice procedures for malware removal, removing malicious software on a Windows-based system should be performed as the next step after:
Disabling System Restore
According to CompTIA’s best practice procedures for malware removal, scheduling scans and running updates on a Windows-based system should be performed as the next step after:
Removing malware from the system
According to CompTIA’s best practice procedures for malware removal, enabling System Restore and creating a restore point in Windows should be performed as the next step after:
Scheduling scans and running updates
According to CompTIA’s best practice procedures for malware removal, what should be the final step of the malware removal process?
User education