Week 1 - Malicious Software

Question 1

What does the acronym CIA stand for (not government)

[as in CIA triad]

Answer 1

C - Confidentiality
I - Integrity
A - Availability

Question 2

What does the CIA triad refer to?

Answer 2

it’s a guiding model for designing information security policies

Question 3

What does confidentiality mean?

Answer 3

Keeping things hidden (from unwanted eyes)

Question 4

What does integrity mean?

Answer 4

Keeping data accurate and untampered with

Question 5

What does availability mean?

Answer 5

The people who should have access to data, is readily accessible to them

Question 6

How do you define risk?

Answer 6

The possibility of suffering a loss in an attack (on the system/device)

Question 7

How do you define vulnerability?

Answer 7

A flaw in the system that’s exploited to compromise it

Question 8

What is a 0-day/zero-day vulnerability?

Answer 8

A vulnerability that’s new/missed to a developer/vendor, but already discovered and exploited by an attacker

(the developer has had 0 days to fix it because it’s new to them)

Question 9

What is an exploit?

Answer 9

software used by an attacker to target a specific vulnerability

[they write an exploit code]

Question 10

How do you define a threat?

Answer 10

possible attackers (burglars)

Question 11

What is a hacker?

Answer 11

Someone who tries to break into and exploit a system

Question 12

What are the 2 common types of hackers?

Answer 12

1. Black Hat
2. White Hat

Question 13

What’s the difference between white hat and black hat hackers?

Answer 13

White hat hackers will find the weaknesses but will alert the owners so they can fix it. Black hat hackers are malicious.

Question 14

What is an attack?

Answer 14

an actual attempt to harm a system

Question 15

What is malware?

Answer 15

type of software that can steal your information and delete/modify files

Question 16

How does a virus work?

Answer 16

it comes attached to an executable code (program), spreads to other files when it’s running, replicates itself on the files, does damage, and tries to keep spreading

Question 17

What are worms?

Answer 17

Worms are like viruses except they can spread without attaching themselves onto something

Question 18

How are worms spread?

Answer 18

worms are spread through channels like networks

Question 19

What is adware?

Answer 19

software that displays advertisements and collects data

Question 20

What is a trojan?

Answer 20

malware that disguises itself as one thing but it actually does something else

Question 21

What is spyware?

Answer 21

malware that spies on you

Question 22

What’s an example of spyware?

Answer 22

monitors your screens, key presses, webcams and reports or streams this to another party

Question 23

What’s a keylogger?

Answer 23

A specific and common type of spyware that records your keystrokes

Question 24

What is ransomware?

Answer 24

a type of attack that holds your data/system hostage until you pay a ransom

Question 25

What are 3 symptoms that might indicate a system is infected with malware?

Answer 25

1. Running slower than normal
2. Restarts on its own many times
3. Uses all or a higher than normal amount of memory

Question 26

What is a botnet?

Answer 26

compromised internet-connected machines perform tasks controlled by the attacker

Question 27

How do you separate an infected device from the rest of the network (botnet)? (3)

Answer 27

disconnect WiFi, unplug Ethernet, temporarily disable automatic system backup (might get re-infected by restoring infected file)

Question 28

What should you do after malware has been cleaned from the system?

Answer 28

1. Turn the automatic backup back on
2. Create a manual safe restore point

Question 29

What’s a backdoor?

Answer 29

A secret entryway that attackers install in an already compromised system to grant continued access even if the user is aware their system is compromised

Question 30

What is rootkit malware?

Answer 30

Allows admin-level modification to an OS

Question 31

Why is a rootkit so hard to detect?

Answer 31

It runs malicious processes while also hiding those processes from the task manager

Question 32

What is a logic bomb?

Answer 32

Malware that’s intentionally installed and triggered to run after a certain time or event