Malware, Social Engineering and Threats

Question 1

Describe what the acronyms below stand for and what they are:

• DOS
• DDOS

Answer 1

Both are methods to take down a Server

• Denial Of Service - Uses a single source
• Distributed Denial of Service - Uses multiple sources

Question 2

What is the term Evil Twin?

Answer 2

A wireless access point (AP) that has the same name as a legit Wi-Fi AP nearby, used for intercepting traffic.

Question 3

What is the term XSS - Cross-Site Scripting?

Answer 3

A method of executing malicious code on an otherwise legitimate website.

Question 4

Describe the following terms:

• Phishing
• Vishing
• Whaling

Answer 4

• Social Engineering via email
• Social Engineering via phone (voice)
• Phishing specifically for executives

Question 5

Describe Malware

Answer 5

Any malicious program that exists on the computer

Question 6

What is the CompTIA Malware Troubleshooting Method?

Answer 6

1. Identify Symptoms
2. Quarantine System
3. Disable System Restore
4. Remediate
5. Schedule Scans and Updates
6. Enable System Restore
7. Educate

Question 7

What are 8 types of Malwares?

Answer 7

• Virus
• Trojan
• Worm
• Botnet
• Rootkit
• KeyLogger
• Ransomware
• Spyware

Question 8

Name 9 types of Viruses and give a small description

Answer 8

1. Armored - Difficult to analyze
2. Boot Sector - Boots with OS
3. Companion - Parasite to legit program
4. Macro - Attachs Office Suite
5. Multipartite - Multiple Forms
6. Phage - Alters App/DB
7. Polymorphic - Constantly changing
8. Retrovirus - Attacks Anti-Virus
9. Stealth - Avoids Detections

Question 9

A collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network is known as:

Answer 9

Rootkit

Question 10

What are 3 statements that apply to the definition of a computer virus?

Answer 10

• Attaches itself to an executable
• Requires its host application to be running
• Malicious Self-replicating program

Question 11

What type of malware exploits computing resources without the owner’s consent?

Answer 11

Cryptominer

Question 12

What provides the most effective means for malware removal?

Answer 12

OS Reinstallation

Question 13

What are 3 characteristics used to describe the characteristics of an on-path attack?

Answer 13

• AKA Man-In-The-Middle Attack
• Attackers place themselves in between 2 devices
• Attackers intercept/modify packets between two devices

Question 14

Entry fields of web forms lacking input validation are vulnerable to what kind of attacks?

Answer 14

SQL Injection

Question 15

What are 3 characteristics used to describe characteristics of an XSS attack?

Answer 15

• Exploits trust between web browser and website
• Malicious script injected into a trusted website
• Browser executes attacker’s script