Malware Flashcards

1
Q

Malware

A

Software designed to infiltrate a computer system and possibly damage it without the user’s knowledge or consent

2
Q

Malware Types

A
  • Viruses
  • Worms
  • Trojan horses
  • Ransomware
  • Spyware
  • Rootkits
  • Spam
3
Q

Virus

A

Malicious code that runs on a machine without the user’s knowledge and infects the computer when executed
Viruses require a user action in order to reproduce and spread

4
Q

Boot sector Virus

A

Boot sector viruses are stored in the first sector of a hard drive and are loaded into memory upon boot up

5
Q

Macro

A

Virus embedded into a document that is executed when the document is opened by the user

6
Q

Program Virus

A

Program viruses infect an executable or application

7
Q

Multipartite Virus

A

Virus that combines boot and program viruses to first attach itself to the boot sector and system files before attacking other files on the computer

8
Q

Encrypted Virus

A

An encrypted virus is a computer virus that encrypts its payload with the intention of making the virus more difficult to detect

9
Q

Polymorphic Virus

A

An encrypted virus that changes itself every time it is executed by altering the decryption module to avoid detection

10
Q

Metamorphic Virus

A

Virus that is able to rewrite itself entirely before it attempts to infect a file (advanced version of polymorphic virus)

11
Q

Stealth Virus

A

Virus that uses various mechanisms to avoid detection by antivirus software

12
Q

Armored Virus

A

Armored viruses have a layer of protection to confuse a program or person analyzing them

13
Q

Worm

A

  • Malicious software, like a virus, that is able to replicate itself without user interaction
  • Worms self-replicate and spread without a user’s consent or action
  • Worms can cause disruption to normal network traffic and computing activities

14
Q

Trojan Horse

A

Malicious software that is disguised as a piece of harmless or desirable software

15
Q

Remote Access Trojan (RAT)

A

Provides the attacker with remote control of a victim computer and is the most commonly used type of Trojan

16
Q

Ransomware

A

  • Malware that restricts access to a victim’s computer system until a ransom is received
  • Ransomware uses a vulnerability in your software to gain access and then encrypts your files

17
Q

Spyware

A

  • Malware that secretly gathers information about the user without their consent
  • Captures keystrokes made by the victim and takes screenshots that are sent to the attacker

18
Q

Adware

A

Displays advertisements based upon its spying on you

19
Q

Grayware

A

Software that is neither benign nor malicious and tends to behave improperly without serious consequences

20
Q

Rootkit Types

A

Rootkits
DLL Injection
Driver Manipulation

21
Q

Rootkit

A

  • Software designed to gain administrative level control over a system without detection
  • DLL injection is commonly used by rootkits to maintain their persistent control

22
Q

DLL Injection

A

Malicious code is inserted into a running process on a Windows machine by taking advantage of Dynamic Link Libraries that are loaded at runtime

23
Q

Driver Manipulation

A

  • An attack that relies on compromising the kernel-mode device drivers that operate at a privileged or system level
  • A shim is placed between two components to intercept calls and redirect them