P2L1 Flashcards
1
Q
types of malware
A
- needs host program (trap doors, logic bombs, trojan, virus, plugins/extension/scripts)
- independent (worms, botnets, APTs - advanced persistent threats)
2
Q
trapdoor
A
- backdoor to the program, only known to the programmer and the hacker
- typically works by recognizing some special sequence of input
3
Q
logic bomb
A
embedded in legitimate programs, activates when some conditions are met
4
Q
trojan
A
hidden in host program, and executes when the host executes
5
Q
virus
A
- infects a program by changing it.
- copies itself into programs to spread
6
Q
4 stages of virus
A
- Dormant
- propagation
- trigger
- execution
7
Q
Dormant phase
A
program is infected, but the virus has not executed yet
8
Q
propagation phase
A
virus is spreading
9
Q
trigger phase
A
running the host triggers the virus (e.g. clicking an email attachment)
10
Q
execution phase
A
virus executes, then looks for hosts to spread to
11
Q
spy on someone
A
trojan
12
Q
cripple a computer
A
logic bomb
13
Q
quickly spread
A
virus
14
Q
virus structure
A
- first line: go to main of virus
- second line: tag (infected or not)
- main: find and infect other programs, do some damage, go to first line of host to do normal work
- avoid detection: compress, decompress host
15
Q
parasitic virus
A
scan/infect program