Malware

Question 1

What is malware?

Answer 1

Any software that is designed to infiltrate a system and cause damage

Question 2

What are two things malware needs?

Answer 2

An attack/threat vector and an attack surface.

Question 3

What is a virus?

Answer 3

a type of malware that attaches to another program and can replicate and spread to other computer.

Question 4

What does a virus need to be dangerous?

Answer 4

Human interaction.

Question 5

What is a boot sector virus?

Answer 5

A type of virus stored in the boot sector of a hard drive first, and then loaded into memory whenever the infected system boots.

Question 6

What is a program virus?

Answer 6

A type of virus that tries to find executables or application files to infect with their malicious codes.

Question 7

What is an encrypted virus?

Answer 7

A type of virus that is designed to hide itself from being detected by AVS via encrypting it’s malicious code or payloads.

Question 8

What is a metamorphic virus?

Answer 8

A type of virus that’s able to rewrite itself entirely before it attempts to infect a given file.

Question 9

What is an Armor virus?

Answer 9

A type of virus with extra layers of protection that are meant to confuse analyzers

Question 10

What is a macro virus?

Answer 10

A virus written in the macro language. A programming language used to automate repeated tasks.

Question 11

What is a multipartite virus?

Answer 11

A combination of boot-sector and program virus.

Question 12

What is a polymorphic virus?

Answer 12

An Advanced form of encrypted virus that scrambles its code each time it’s executed.

Question 13

What is a Stealth Virus?

Answer 13

A type of technique used to prevent a virus from being picked up by AVS

Question 14

What is a hoax?

Answer 14

A form of technical social engineering that attempts to scare users into taking undesirable actions on their systems.

Question 15

What is a Worm?

Answer 15

Malicious software that can self replicate without user interaction.

Question 16

What is a Trojan

Answer 16

Malicious software that is disguised as a piece of harmless or desirable software.

Question 17

What is ransomware?

Answer 17

Malicious software that is designed to block access to a computer system or its data by encrypting it until a ransom is paid to the attacker

Question 18

What are some ways to mitigate ransomware attacks?

Answer 18

• Conducting regular backups
• Installing regular software updates
• Providing security awareness training
• Implementing multi-factor authentication for a system

Question 19

What is a botnet?

Answer 19

A network of compromised computers or devices controlled remotely by malicious actors

Question 20

What is a zombie?

Answer 20

A compromised computer or device that is a part of a botnet

Question 21

What is a Command and Control Node(C2 Node)?

Answer 21

Responsible for the managing and coordination of activities to other devices with a network.

Question 22

What are common uses for botnets?

Answer 22

Implementing phising campaigns, DDoS attacks, crypto mining.

Question 23

What is a rootkit?

Answer 23

A type of software designed to gain admin level control over a given system undetected

Question 24

What are the 3 rings of protection?

Answer 24

In the context of security, the rings create a form of separation for how data and devices can be accessed.

Ring 0(Kernel Mode): Allows a system to control access to hardware
Ring 1(Root/Admin): Level where root/admin operates
Ring 2(Outermost): Level where user permissions live.

Question 25

What is DLL Injection?

Answer 25

Technique used to run code within the address space of another process by forcing it to load a DLL.

Question 26

What is a DLL?

Answer 26

Dynamic-Link Library A shared library in windows based systems. This library file can contain code, data, and/or resources

Question 27

What is a shim?

Answer 27

Software that is placed between two components capable of intercepting communications.