MODULE 5

Question 1

Malware:

Answer 1

A program that intends to compromise confidentiality, integrity, or availability system assets

Question 2

Backdoor (Trapdoor):

Answer 2

Secret entry point that bypasses security

Question 3

Mobile code:

Answer 3

Programs that move between heterogeneous devices

Question 4

Auto-rooter kit:

Answer 4

Malware that generates virus codes

Question 4

Crimeware:

Answer 4

Kits for building malware

Question 4

Rootkit:

Answer 4

Set of hidden programs that acquire administrative access

Question 5

Zombie (Bot):

Answer 5

Software on internet attached computers that launch attacks on others

Question 6

APT stands for _____

Answer 6

Advanced Persistent Threats

Question 7

APT:

Answer 7

Sophisticated attacks over an extended period on selected targets

Question 8

Classification of malware:

Answer 8

• Needs host
• Independent
• Doesn’t replicate
• Replicates

Question 9

Attack sources:

Answer 9

• Politically motivated
• Criminals
• Organized crime
• International consultancy organizations
• National government agencies

Question 10

APT techniques:

Answer 10

• Social engineering
• Spear-phishing
• Drive-by-downloads

Question 11

APT’s intent:

Answer 11

• Infect the target
• Extend access

Question 12

Phases of a typical virus:

Answer 12

• Dormant (Idle)
• Propagation (Copying)
• Triggering (Activating)
• Execution (Performing functions)

Question 12

Mobile phone worms:

Answer 12

Worms that communicate via Bluetooth

Question 12

Threat mitigation options:

Answer 12

• Detection
• Identification
• Removal

Question 13

Virus components:

Answer 13

• Infection mechanism
• Trigger
• Payload

Question 14

Drive-by-download:

Answer 14

Exploiting browser vulnerabilities when a user visits a compromised website

Question 14

Water-hole attack:

Answer 14

Studying victim behavior to know what websites they use and then scanning said websites for vulnerabilities to compromise it

Question 14

Malvertising:

Answer 14

Paying for ads with malware in them on websites that the victim visits

Question 15

Clickjacking (UI redress attack):

Answer 15

Leading the user to believe that they’re typing their password to their bank account when instead, they’re typing it into an invisible frame

Question 15

Payload types:

Answer 15

• Causing system corruption
• Attack agent bots
• Information theft
• Rootkits and backdoors

Question 16

Klez payload:

Answer 16

Stops anti-virus programs

Question 17

Chernobyl payload:

Answer 17

Infects files when they’re opened

Question 18

Ransomware payload:

Answer 18

Encrypts user data to demand payment in order to recover the data

Question 19

Real-world damage payload:

Answer 19

Damages physical equipment

Question 20

DDoS stands for _____

Answer 20

Distributed Denial of Service

Question 21

Bot uses:

Answer 21

• DDoS
• Spam
• Advertisement
• Manipulating polls
• Spreading malware
• Sniffing

Question 22

Phishing identity theft:

Answer 22

Social engineering by masquerading as a trusted source

Question 23

Spear phishing:

Answer 23

Acting as a trusted source for a specific target

Question 24

Main elements of prevention:

Answer 24

• Policy
• Awareness
• Vulnerability mitigation
• Threat mitigation

Question 25

Requirements for effective malware countermeasures:

Answer 25

• Generality
• Timeliness
• Resiliency
• Minimal DoS costs
• Transparency
• Global/local coverage

Question 26

Antivirus software generations:

Answer 26

1. Simple scanners
2. Heuristic scanners
3. Activity traps
4. Full-featured protection

Question 27

Host-based behavior-blocking software:

Answer 27

Software that integrates with the host to monitor program behavior for malicious actions