Week 1 - Malicious Software Flashcards
What does the acronym CIA stand for (not the government agency)?
[as in CIA triad]
C - Confidentiality
I - Integrity
A - Availability
What does the CIA triad refer to?
It’s a guiding model for designing information security policies
What does confidentiality mean?
Keeping things hidden (from unwanted eyes)
What does integrity mean?
Keeping data accurate and untampered with
What does availability mean?
The data is readily accessible to the people who should have access to it
How do you define risk?
The possibility of suffering a loss in an attack (on the system/device)
How do you define vulnerability?
A flaw in the system that’s exploited to compromise it
What is a 0-day/zero-day vulnerability?
A vulnerability that’s unknown to (or was missed by) the developer/vendor, but has already been discovered and exploited by an attacker
(the developer has had 0 days to fix it because it’s new to them)
What is an exploit?
Software used by an attacker to target a specific vulnerability
[they write exploit code]
How do you define a threat?
Possible attackers (burglars)
What is a hacker?
Someone who tries to break into and exploit a system
What are the 2 common types of hackers?
- Black Hat
- White Hat
What’s the difference between white hat and black hat hackers?
White hat hackers will find the weaknesses but will alert the owners so they can fix them. Black hat hackers are malicious.
What is an attack?
An actual attempt to harm a system
What is malware?
A type of software that can steal your information and delete/modify files
How does a virus work?
It comes attached to executable code (a program), spreads to other files when it’s running, replicates itself on the files, does damage, and tries to keep spreading
What are worms?
Worms are like viruses except they can spread without attaching themselves onto something
How are worms spread?
Worms are spread through channels like networks
What is adware?
Software that displays advertisements and collects data
What is a trojan?
Malware that disguises itself as one thing but actually does something else
What is spyware?
Malware that spies on you
What’s an example of spyware?
Software that monitors your screens, key presses, and webcams, and reports or streams this to another party
What’s a keylogger?
A specific and common type of spyware that records your keystrokes
What is ransomware?
A type of attack that holds your data/system hostage until you pay a ransom
What are 3 symptoms that might indicate a system is infected with malware?
- Running slower than normal
- Restarts on its own many times
- Uses all or a higher than normal amount of memory
What is a botnet?
Compromised internet-connected machines that perform tasks controlled by the attacker
How do you separate an infected device from the rest of the network (botnet)? (3)
Disconnect Wi-Fi, unplug Ethernet, and temporarily disable automatic system backup (restoring an infected file might re-infect the system)
What should you do after malware has been cleaned from the system?
- Turn the automatic backup back on
- Create a manual safe restore point
What’s a backdoor?
A secret entryway that attackers install in an already compromised system to grant continued access even if the user is aware their system is compromised
What is rootkit malware?
Allows admin-level modification to an OS
Why is a rootkit so hard to detect?
It runs malicious processes while also hiding those processes from the task manager
What is a logic bomb?
Malware that’s intentionally installed and triggered to run after a certain time or event