Malware

Question 1

Software that is designed to infiltrate and damage a system

Answer 1

Malware

Question 2

Malicious code that runs on a machine without the user’s knowledge and infects the computer when executed

Answer 2

Virus

Question 3

True or False? Viruses require user action in order to reproduce and spread

Answer 3

True

Question 4

Type of virus that is stored in the first sector of a hard drive and is loaded into memory upon boot

Answer 4

Boot sector virus

Question 5

Type of virus embedded into a document and is executed when the document is opened by the user

Answer 5

Macro virus

Question 6

Type of virus that seeks out executables or application files to infect

Answer 6

Program virus

Question 7

Type of virus that combines boot and program viruses to first attach itself to the boot sector and system files before attacking other files on the computer

Answer 7

Multipartite virus

Question 8

Type of virus that uses a cipher to encrypt its contents to avoid detection by any antivirus software

Answer 8

Encryption virus

Question 9

Type of virus that changes its code each time it’s executed by altering the decryption module to evade detection

Answer 9

Polymorphic virus

Question 10

Type of virus that has the ability to rewrite itself entirely before attempting to infect a file

Answer 10

Metamorphic virus

Question 11

Type of virus that has a layer of protection to confuse a program or a person who’s trying to analyze it

Answer 11

Armored virus

Question 12

A piece of malicious software that can replicate itself without any interaction

Answer 12

Worm

Question 13

A piece of malicious software that is disguised as a piece of harmless or desirable software

Answer 13

Trojan

Question 14

Type of Trojan that provides the attacker with remote control of a victim computer

Answer 14

Remote Access Trojan (RAT)

Question 15

Malware that restricts access to a victim’s computer system until a ransom is received

Answer 15

Ransomware

Question 16

Malware that uses a vulnerability in your software to gain access and then encrypts your files

Answer 16

Ransomware

Question 17

Malware that secretly gathers information about the user without their consent

Answer 17

Spyware

Question 18

Displays advertisements based upon its spying on you

Answer 18

Adware

Question 19

Software that isn’t benign nor malicious and tends to behave improperly without serious consequences

Answer 19

Grayware
(“joke”ware like crazy mouse)

Question 20

Software designed to gain administrative level control over a system without detection

Answer 20

Rootkit

Question 21

Type of rootkit that has malicious code that is inserted into a running process on a Windows machine by taking advantage of Dynamic Link Libraries that are loaded at runtime

Answer 21

DLL Injection (Dynamic Link Libraries)

Question 22

Type of rootkit attack that relies on compromising the kernel-mode device drivers that operate at a privileged or system level

Answer 22

Driver Manipulation

Question 23

A piece of software code that is placed between two components to intercept calls and redirect them

Answer 23

Shim

Question 24

A collection of compromised computers under the control of a master (command and control: C2) node

Answer 24

Botnet

Question 25

Occurs when many machines target a single victim and attack them at the exact same time

Answer 25

DDoS

Question 26

A hospital’s file server has become infected with malware. The files on the server all appear to be encrypted and cannot be opened. The network administrator receives an email from the attacker asking for 20 bitcoin in exchange for the decryption key. Which type of malware MOST likely infected these computers?

a) Spyware
b) Ransomware
c) Keylogger
d) Rootkit

Answer 26

b) Ransomware

Question 27

A computer was recently infected with a piece of malware. Without any user intervention, the malware is now spreading throughout the corporate network and infecting other computers that it finds. Which type of malware MOST likely infected these computers?

a) Worm
b) Virus
c) Trojan
d) Ransomware

Answer 27

a) Worm

Question 28

Which of the following is the BEST way to regularly prevent different security threats from occurring within your network?

a) Disaster recovery planning
b) User training and awareness
c) Penetration testing
d) Business continuity training

Answer 28

b) User training and awareness

Studies have shown that an investment in end-user cybersecurity awareness training has the best return on investment of any risk mitigation strategy