Threats, Vulnerabilities, Common Attacks Flashcards
1
Q
Virus
A
Virus
- Malicious code that attaches to host app
- Executes when host executed
- Tries to replicate by finding other host apps
- At some point virus activates and delivers payload
2
Q
Worm
A
Worm
- Self-replicating
- Travels throughout network without assistance of host app or user interaction
- Resides in memory
- Worms consume network bandwidth
3
Q
Trojan
A
Trojan
- Looks beneficial (pirated software, utility, game)
- Malicious website drive-by download
- Rogueware/scareware - popup on website that malware detected - gets users to download trojan antivirus software
4
Q
RAT
A
RAT Remote Access Trojan -Take control of system from remote location -Often from drive-by downloads -log keystrokes -take screenshots -explore network using credentials of user's computer -Install more RATs on other sytems
5
Q
Watering Hole Attack
A
Watering Hole Attack
-Infect trusted website
6
Q
Polymorphic Malware
A
Polymorphic Malware
- Adds variations to files when it makes copies
- Heuristic anti-virus can detect - runs questionable code in sandbox, can detect zero-day vulnerabilities
7
Q
DEP
A
DEP
Data Execution Prevention
-Security feature that prevents code from executing in memory regions marked as non-executable
-Protects system from malware
-Enabled via hardware BIOS and Windows OS