Malware And Social Threats Flashcards
What is malware?
Malware is software designed to disrupt, damage, or gain unauthorized access to computer systems.
Malware encompasses various types of malicious software, including viruses, worms, and spyware.
Define Trojan.
A Trojan is a type of malware that disguises itself as legitimate software to trick users into installing it.
Trojans can create backdoors for attackers to exploit a system.
What is a rootkit?
A rootkit is a collection of tools that allows unauthorized users to gain control of a computer system without being detected.
Rootkits can modify the operating system to hide their presence.
What is a virus?
A virus is a type of malware that attaches itself to a legitimate program and spreads to other programs and files.
Viruses can corrupt or delete data, and they often require user action to spread.
Define spyware.
Spyware is a type of malware that secretly monitors user activity and collects personal information.
Spyware can track browsing habits and gather sensitive data without user consent.
What is ransomware?
Ransomware is malware that encrypts the victim’s files and demands payment for the decryption key.
Ransomware can cause significant data loss and financial damage.
What is a keylogger?
A keylogger is a type of spyware that records keystrokes to capture sensitive information such as passwords.
Keyloggers can be used for identity theft and other malicious activities.
What is a boot sector virus?
A boot sector virus infects the master boot record of a hard drive, allowing it to execute before the operating system loads.
These viruses can be particularly damaging as they can prevent the system from booting.
What are cryptominers?
Cryptominers are programs that use system resources to mine cryptocurrencies without the user’s consent.
Cryptominers can significantly slow down system performance.
List some tools and methods for detecting and preventing malware.
- Antivirus
- Anti-malware
- Software firewalls
- Recovery mode
- Anti-phishing training
- User education regarding common threats
- OS reinstallation
These tools and methods help enhance system security and reduce the risk of malware infections.
What is the purpose of recovery mode?
Recovery mode is used to troubleshoot and repair a malfunctioning operating system or to restore it to a previous state.
Recovery mode can be essential for removing persistent malware.
True or False: User education plays a role in preventing malware infections.
True
Educating users about common threats and safe practices can significantly reduce the risk of malware infiltration.
Fill in the blank: _______ is a type of malware that encrypts files and demands payment for the decryption key.
Ransomware
What is social engineering?
A manipulation technique that exploits human psychology to gain confidential information or access.
What are the main types of phishing?
Phishing and vishing.
What is shoulder surfing?
The act of observing someone’s screen or keyboard to obtain sensitive information.
What is whaling in the context of social engineering?
A type of phishing that targets high-profile individuals or executives.
What is tailgating?
An unauthorized person following an authorized individual into a secure area.
What is impersonation in social engineering?
Pretending to be someone else to gain access to information or systems.
What is dumpster diving?
Searching through trash to find sensitive information.
What is an evil twin attack?
A fraudulent Wi-Fi network that mimics a legitimate one to steal information.
What is a distributed denial of service (DDoS) attack?
An attack that overwhelms a target with traffic from multiple sources.
What is a denial of service (DoS) attack?
An attack that aims to make a service unavailable by overwhelming it with requests.
What is a zero-day attack?
An attack that exploits a previously unknown vulnerability in software.
What is spoofing?
Falsifying the origin of communication to deceive the recipient.
What is an on-path attack?
An attack where the attacker intercepts communication between two parties.
What is a brute-force attack?
A method of trial and error used to guess passwords or encryption keys.
What is a dictionary attack?
A method of password cracking that uses a list of likely passwords.
What is an insider threat?
A risk posed by individuals within an organization, such as employees or contractors.
What is SQL injection?
A code injection technique that exploits security vulnerabilities in applications using SQL.
What is cross-site scripting (XSS)?
A security vulnerability that allows an attacker to inject malicious scripts into web pages.
What are common vulnerabilities in systems?
Non-compliant systems, unpatched systems, unprotected systems, EOL OSs, and BYOD.
Fill in the blank: _______ is the practice of using personal devices for work purposes.
Bring your own device (BYOD)
What are the three components of the Information Security CIA triad?
Confidentiality, integrity, availability
The CIA triad is a model designed to guide policies for information security within an organization.
What is cybersecurity?
The practice of protecting systems, networks, and programs from digital attacks
Cybersecurity aims to reduce the risk of attacks and protect data integrity.
What are security assessments?
Evaluations of security measures and vulnerabilities in an organization
Security assessments help identify weaknesses and improve security protocols.
Define vulnerability in the context of information security.
A weakness in a system that can be exploited by threats
Vulnerabilities can arise from software bugs, misconfigurations, non compliant systems, unprotected systems, unpatched,byod
Differentiate between internal and external threats.
Internal threats originate from within the organization; external threats come from outside
Both types of threats can be malicious or accidental.
How is risk calculated in information security?
Risk = Impact * Likelihood
This formula helps organizations assess and prioritize potential security risks.
Spear phishing
Attacker knows convincing information to email and get more information
An information gathering threat in which the attacker attempts to learn about the configuration of the network and security systems
Footprinting threats
a specific type of spoofing where the threat actor covertly intercept traffic between 2 hosts and networks. This allows the threat actor to read the modified packets, often designed to recover password hashes.
On path attack
Short rep of data thats A crypto graphic attack to takes any amount of data as input and produces a fixed length value as output
Hashing
