Security+ 1.2 Prof. Messer Flashcards
What are the malware types and methods?
- Virus
- Worm
- Trojan
- Spyware/Adware
- Ransomware
- Cryptomalware
- Botnet
- Key Logger
- Rootkit
What is a Drive-by Download?
An unintentional download of malware by taking advantage of a browser or app.
What is a Virus?
Malware that can reproduce itself through file systems or networks.
What are the virus types?
- Program Virus
- Boot Sector Virus
- Script Virus
- Macro Virus
- Fileless Virus
What is a Boot Sector Virus?
A virus that exists in the boot sector of a storage device. When a computer is booted, the virus is launched.
What is a Script Virus?
A virus that operates as a script in your system. It exists in the operating system or browser.
What is a Macro Virus?
Similar to a script virus; usually runs within applications (most commonly Microsoft Office apps).
What is a Fileless Virus?
A virus that installs itself into the computer memory (or RAM) and uses native or built-in tools to execute a cyber attack.
What is a Worm?
Malware that can reproduce itself without any human intervention.
What is Ransomware?
A form of malware that locks a user from a system or personal data until a ransom is paid.
What is Cryptomalware?
A newer generation of ransomware; encrypts the victim’s data until a ransom is paid.
What are two ways to circumvent ransomware attacks?
- Have your data backed up on an online platform
- Don’t click any fishy links
What is a Trojan Horse?
Software that pretends to be helpful in order to conquer your system.
What is a PUP?
Potentially Unwanted Program; a software program that’s often installed with other software. This software can be potentially undesirable and annoying.
What is a backdoor?
An access point in a system or encrypted data that bypasses its security mechanisms.
What is a RAT?
Remote Access Trojan (or remote administration tool); software designed to give the attacker remote access to an infected system.
What is a rootkit?
A collection of malicious computer software designed to enable access to a computer without detection.
What is the kernel?
The core components of an operating system. Manages the operations of a computer and its software.
What is Adware?
A type of malicious software that displays unwanted ads and pop-ups.
What is Spyware?
A form of malware that collects personal data without consent.
What is a keylogger?
Software or hardware used by a malicious attacker to record keystrokes from a system.
What is a bot?
A self-propagating malware that infects a host and connects back to a central server (C&C or C2 servers).
What are some ways your computer can get infected by a bot?
A trojan horse, or other forms of malware, or a vulnerability in the operating system or application.
What is a botnet?
A collection of systems infected by the same malware that connects to a centralized server.
What are some ways an attacker utilizes a botnet?
- Perform Distributed Denial of Service attacks
- Relay Spam
- Proxy network traffic (developing gateways for more malware)
- Other distributed computing tasks
What are some ways rootkits can be removed or avoided?
- Anti-malware scans
- Use a remover specific to the rootkit
- Secure boot with UEFI (Unified Extensible Firmware Interface) - A security feature in modern BIOS systems that checks the kernel of a system to make sure there are no changes before the boot
What is a logic bomb?
A piece of code that sets off a malicious function when a specified condition is met.
Define hashing a password
The process of changing the format of any given key or string into another value.
What is a spraying attack?
A type of brute force attack where an attacker will use a single common password or username across multiple accounts to try and gain access.
What is a brute force attack?
A type of attack where a user will try every possible password combination until the hash is matched.
How do online and offline brute force attacks differ?
Brute force attacks - Online
- Very slow
- Accounts lock out after a number of failed attempts
Brute force attacks - Offline
- The attacker has access to a hash and tries different keys without the risk of discovery
What is a dictionary attack?
A type of brute force attack that involves using a wordlist/dictionary to find common passwords.
What is a rainbow table?
An optimized, pre-built set of hashes used to save time during a password attack.
Define “adding some salt” to a password hash
The process of adding random bits of data to a password before it gets hashed in order to prevent a password breach.
Define Skimming
Stealing credit card information during a transaction (usually with hardware).
Define Card Cloning
Using details obtained from a skimming attack to make a physical copy of a card.
What is ML (Machine Learning)?
A branch of AI that focuses on the use of data and algorithms to imitate the way that humans learn.
What are some ways that machine learning is implemented in everyday life?
- Spam filtering emails
- Recommending products from online retailers
- Movie/Video recommendations on streaming platforms
- Preventing car accidents in smart cars.
What does it mean to poison the training data of an AI?
Confusing the AI by sending modified training data that causes the AI to behave incorrectly.
What is a birthday attack?
A brute force attack that exploits the exponentially growing probability of collision.
What is a downgrade attack?
An attack in which the attacker downgrades a communication or a system to a weaker version or protocol.