Section 6.58 Indications of Malware attacks Flashcards

Objectives 2.4 Given a Scenario, analyse indicators of malicious activity

1
Q

Indications of Malware Attacks

1 Account Lockouts

A

Malware, especially malware designed for credential theft or brute-force attacks, can trigger multiple failed login attempts that result in a user’s account being locked out

2
Q

Indications of Malware Attacks

2 Concurrent Session Utilization

A

If you notice that a single user account has multiple simultaneous or concurrent sessions open, especially from various geographic locations

3
Q

Indications of Malware Attacks

3 Blocked Content

A

If there is a sudden increase in the amount of blocked content alerts you are seeing from your security tools

4
Q

Indications of Malware Attacks

4 Impossible Travel

A

Refers to a scenario where a user’s account is accessed from two or more
geographically separated locations in an impossibly short period of time

5
Q

Indications of Malware Attacks

5 Resource Consumption

A

If you are observing any unusual spikes in CPU, memory, or network
bandwidth utilization that cannot be linked back to a legitimate task

6
Q

Indications of Malware Attacks

6 Resource Inaccessibility

A

Ransomware

○ Form of malware that encrypts user files to make them
inaccessible to the user

If a large number of files or critical systems suddenly become inaccessible or if users receive messages demanding payment to decrypt their data

7
Q

Indications of Malware Attacks

7 Out-of-Cycle Logging

A

If you are noticing that your logs are being generated at odd hours or
during times when no legitimate activities should be taking place (such as in the middle of the night when no employees are actively working)

8
Q

Indications of Malware Attacks

8 Missing Logs

A

If you are conducting a log review as a cybersecurity analyst and you see that there are gaps in your logs or if the logs have been cleared without any authorised reason

9
Q

Indications of Malware Attacks

9 Published or Documented Attacks

A

If a cybersecurity researcher or reporter publishes a report that shows that your organization’s network has been infected as part of a botnet or other malware-based attack
