Malware Flashcards

1
Q

What is malware?

A

This is a blanket term that covers certain types of attacks or threats to a network.

2
Q

What is a virus?

A

This is an attack that needs to attach to a host app and is activated by the host.

3
Q

What is a macro virus?

A

It is a subset of an application like Excel that gets embedded with a virus or malware.

4
Q

What is a boot sector virus?

A

A virus that gets attached to the boot sector of the hard drive, which communicates with the hardware of your computer.

5
Q

What are attachment viruses?

A

An attachment in an email that is part of a phishing scam.

6
Q

What is a file infector?

A

It will typically get into a game or file on your computer and infect it, so when the file is opened the virus is executed.

7
Q

What are polymorphic viruses?

A

They can change their look or signature so they can move around in the system undetected.

8
Q

What is a network virus?

A

This is a virus that uses network devices and moves through communications.

9
Q

What is a worm?

A

It is self-sufficient and self-replicating; it takes up all your computer's resources and causes crashes.

10
Q

What is file-less malware?

A

It is stealthy because it runs in memory and is not stored; it is usually downloaded from a phishing email.

11
Q

What is a rootkit virus?

A

This is a virus that goes for privileged access and escalates its rights; rootkits are hard to find due to the low-level access they get with the hardware.

12
Q

What is a keylogger?

A

It is a byproduct of malware; it captures all your keyboard inputs and sends them back to the hacker. This can also be a physical attack, like a USB device.

13
Q

What is a backdoor?

A

It is like a Trojan: software-based malware that can be part of applications, put there by the developers or a disgruntled employee.

14
Q

What is a logic bomb?

A

It sits dormant until a certain time, date, action, or inaction occurs, then executes and infects your computer.

15
Q

What is ransomware?

A

A form of malware that infects your network and encrypts files, then holds them for ransom until it is paid, and then gives a decryption key that often doesn't work.

16
Q

What is a bot?

A

A collection of exploited devices, infected by a Trojan; RATs (remote access Trojans) help construct a communication network used for command and control, or C2.

17
Q

What is a trojan?

A

It looks benign and delivers malware; it paves the way for RATs, keyloggers, and other viruses, usually via the download of a program.

18
Q

What is a PUP?

A

It is unwanted software that gets downloaded with other software without the user knowing about it.

19
Q

What is a password attack?

A

An automated attack against authentication systems to crack the password of the user.

20
Q

What is a brute force attack?

A

This is a guessing attack that tries every possible combination until the system is unlocked; it can be a very long process.

21
Q

What is a dictionary attack?

A

It is a type of brute force attack that uses a database of common passwords to get into the system.

22
Q

What is a rainbow table attack?

A

This is a brute force attack that uses configured chains of passwords or hashes; the chains are stored in tables that can be up to TBs in size, and they reduce how long the attack takes.

23
Q

What is password spraying?

A

This attack takes a single password and tries it against a whole user database. It usually works when using common passwords.

24
Q

What is a system resource?

A

CPU, memory, storage, network communication

25
Q

Effects on resources and memory during an attack?

A

It will attack resources to exhaustion and cause memory leaks, which is when an application is online and keeps consuming your memory.

26
Q

What is a DLL injection attack?

A

A sophisticated attack and a modification of driver functionality; it exploits a legitimate process.

27
Q

What are the driver manipulation types?

A
  • Shimming: a small library that performs some kind of action that helps legacy devices continue to work on the network; it enables backwards compatibility. This can be exploited.
  • Refactoring: this modifies internal code while the behavior may not change; it is usually a design improvement of the application. This can be exploited.

28
Q

What does a driver do?

A

It takes the high-level programming language and changes it so that the hardware can understand it. Examples: the Windows kernel or the Linux kernel.

29
Q

What is a race condition?

A

When a process is run and the output of that process is used for process 2, but the 2nd process doesn't wait for the results of the 1st process, or both processes run at the same time.

30
Q

What is TOC/TOU?

A

This usually happens when something has a shared resource: user 1 and user 2 try to access something while another user, user 3, is already using this resource but gets booted off that project. TOC = time of check, TOU = time of use.

31
Q

Pointer/object de-reference attacks

A

They are common in some programming languages, and inject into a de-referenced network communication container within a packet, to allow access to memory, execute code, or perform denial of service attacks.

32
Q

What is an integer overflow?

A

When the memory location for a binary value is bigger than the actual size of the process, like 8 to 9 bits; that extra bit can have code injected into it.

33
Q

What is cross-site scripting?

A

It is a type of attack that injects malicious script into a web browser.

34
Q

What is a reflected XSS attack?

A

A user interacts with a web browser through a malicious link in an email. Inside the URL the hacker injects code that performs an action to steal information, for example a session token attack. It is more common because it is less complex.

35
Q

What is a stored XSS attack?

A

This happens when a hacker injects a malicious script into the comment section of a web page; the script gets stored, and when a user then goes to that site the script gets executed and downloaded on the user's computer. The difference is that this one is stored.

36
Q

What is a DOM based XSS attack?

A

A more advanced XSS attack: there is processing of untrusted data which writes to the DOM. This is a client-side attack.

37
Q

What are the Request forgery types?

A

Client-side request forgery: a user visits a website and logs in to the web server; the user then clicks on a link in an email with a malicious script that makes a forged request for a funds transfer through a web request.

Server-side request forgery: a hacker sends an HTTP request through a web application, which is sent to the web server, and since that server has access to the back-end database it then gets into the back-end server due to the lower security within a LAN.

38
Q

What is a replay attack?

A

It is a re-transmission of data: a hacker doing packet sniffing captures the user login, re-transmits that access request, and then gains access to the resource server.

39
Q

What is a pass the hash attack?

A

When the user logs in to a web server, he sends his hashed password; the hacker gets that from packet sniffing and then re-transmits that hashed password to gain access to the system.

40
Q

Ways to protect against replay attacks?

A

A time-stamp is given for each web request; that time-stamp can be tracked and analyzed by protocols like TCP, and if the timing is off that packet is thrown out.

41
Q

What is a DNS?

A

It is a domain name server; it takes the website name or domain name in a web request and changes it to an IP address for that site.

42
Q

What is the DNS process?

A

A user types a website, and this goes to the stored DNS cache; if it is not there, then it goes to the DNS server and then to its DNS cache, which it was given by the root DNS server.

43
Q

What is DNS poisoning?

A

The hacker sends an HTTP request answer to a DNS server, and that gets stored in the server's DNS cache; now the hacker's domain site will be given to users, and then the user gets information stolen or gets infected.

44
Q

What is DNS hijacking?

A

The attacker manipulates the TCP/IP properties of the network adapter, manipulating the DNS server the user usually connects to and replacing it with a malicious DNS server with a malicious web server.

45
Q

What is domain hijacking?

A

The hacker does a DNS lookup and goes to the website. The hacker gets the domain owner's registrar information, possibly from a phishing attack, and changes the domain registrar to their site or duplicates the site with a malicious one.