Section 1.2 Potential indicators to determine the type of attack Flashcards

1
Q

What type of viruses infect the boot sector or partition table of a disk?

A

Boot sector virus

2
Q

What is the best way to remove a boot sector virus from a system?

A

Boot the system using an antivirus or similar emergency recovery data.

3
Q

What is the most common way a boot sector virus finds its way into a system?

A

Through an infected disk or removable media device that is inserted into the computer.

4
Q

What kind of virus disguises itself as a legitimate program?

A

Companion virus

5
Q

What kind of virus generally infects files that have the extension .com or .exe and tries to replicate further by infecting other executable programs on the system with the same extension?

A

File Infector virus

6
Q

If your computer is afflicted with a file infector virus, what should you not do?

A

Do not attach it to a network, because it could start infecting files on other workstations and file servers.

7
Q

What do you call an instruction that carries out program commands automatically within an application?

A

Macro

8
Q

What kind of virus uses the internal workings of the application to perform malicious operations when a file containing the macros is opened?

A

Macro virus

9
Q

What kind of virus continues to stay in memory and infect other files that are run at the same time?

A

Memory-resident virus

10
Q

What kind of virus hides from antivirus software by encrypting its code?

A

Stealth Viruses

11
Q

What kind of viruses are designed to make detection and reverse engineering difficult and time-consuming, either through obfuscation or through techniques that add substantial amounts of confusing code to hide the actual virus code itself?

A

Armored Virus

12
Q

What kind of malware changes with each infection?

A

Polymorphic malware

13
Q

What kind of malware can recompile itself into a new form, and the code keeps changing from generation to generation?

A

Metamorphic malware

14
Q

What is the difference between polymorphic and metamorphic malware?

A

Metamorphic malware does not decrypt itself to a single constant virus body in memory

15
Q

What do you call a type of backdoor program that is inserted into application software and allows a remote user root access to the system on which the software is installed, without the permission or knowledge of the user?

A

Rootkit

16
Q

What kind of rootkit is embedded within the firmware of a device, such as a computer peripheral or network device?

A

Firmware rootkit

17
Q

What kind of rootkit is embedded within the operating system core itself?

A

Kernel rootkit

18
Q

What kind of rootkit is enabled when the system starts and will not turn off unless the system is shut down?

A

Persistent rootkit

19
Q

What kind of rootkit is activated and run in current system memory only when a specific application is launched and does not persist when the system is shut down and restored?

A

Application rootkit

20
Q

What kind of rootkit can intercept specific system and application programming interface (API) calls and replace them with its code?

A

Library rootkit

21
Q

In what kind of password attack does the attacker attempt to log in as a user by guessing the password?

A

Online password attack

22
Q

In what kind of password attack does the attacker steal the database of user credentials and load it onto a system where the attacker has a variety of tools to find the password?

A

Offline password attack

23
Q

What attack allows an attacker to authenticate as a user without having access to the user’s cleartext password, bypassing standard authentication procedures that require a user to enter their credentials, and moving directly to the point where a hash is passed?

A

Pass the hash attack

24
Q

What kind of attack uses dictionaries, or lists of common words across various types of organizations, languages, and other words that might be used for passwords, as well as common substitutions?

A

Dictionary attack

25
Q

What kind of attacks are a variation on a dictionary attack that use precomputed hashes (rainbow tables) developed by software that can process huge lists of words and spit out their hashes?

A

Rainbow attacks

26
Q

What kind of attack tries the most common passwords against many accounts?

A

Password spraying