Malware

Question 1

Malware

Answer 1

Software designed to infiltrate a computer system and possibly damage it without the user’s knowledge or consent

Question 2

Malware Types

Answer 2

• Viruses
• Worms
• Trojan horses
• Ransomware
• Spyware
• Rootkits
• Spam

Question 3

Virus

Answer 3

Malicious code that runs on a machine without the user’s knowledge and infects the computer when executed
Viruses require a user action in order to reproduce and spread

Question 4

Boot sector Virus

Answer 4

Boot sector viruses are stored in the first sector of a hard drive and are loaded into memory upon boot up

Question 5

Macro

Answer 5

Virus embedded into a document and is executed when the document is opened by the user

Question 6

Program Virus

Answer 6

Program viruses infect an executable or application

Question 7

Multipartite Virus

Answer 7

Virus that combines boot and program viruses to first attach itself to the boot sector and system files before attacking other files on the computer

Question 8

Encrypted Virus

Answer 8

An encrypted virus is a computer virus that encrypts its payload with the intention of making detecting the virus more difficult

Question 9

Polymorphic Virus

Answer 9

an encrypted virus that changes itself every time it is executed by altering the decryption module to avoid detection

Question 10

Metamorphic Virus

Answer 10

Virus that is able to rewrite itself entirely before it attempts to infect a file (advanced version of polymorphic virus)

Question 11

Stealth Virus

Answer 11

Virus that uses various mechanisms to avoid detection by antivirus software

Question 12

Armored Virus

Answer 12

Armored viruses have a layer of protection to confuse a program or person analyzing it

Question 13

Worm

Answer 13

§ Malicious software, like a virus, but is able to replicate itself without user interaction
§ Worms self-replicate and spread without a user’s consent or action
§ Worms can cause disruption to normal network traffic and computing activities

Question 14

Trojan Horse

Answer 14

Malicious software that is disguised as a piece of harmless or desirable software

Question 15

Remote Access Trojan (RAT)

Answer 15

Provides the attacker with remote control of a victim computer and is the most commonly used type of Trojan

Question 16

Ransomware

Answer 16

§ Malware that restricts access to a victim’s computer system until a ransom is received
§ Ransomware uses a vulnerability in your software to gain access and then encrypts your files

Question 17

Spyware

Answer 17

§ Malware that secretly gathers information about the user without their consent
§ Captures keystrokes made by the victim and takes screenshots that are sent to the attacker

Question 18

Adware

Answer 18

Displays advertisements based upon its spying on you

Question 19

Grayware

Answer 19

Software that isn’t benign nor malicious and tends to behave improperly without serious consequences

Question 20

Rootkits Types

Answer 20

Rootkits
DLL Injection
Driver Manipulation

Question 21

Rootkit

Answer 21

§ Software designed to gain administrative level control over a system without detection
§ DLL injection is commonly used by rootkits to maintain their persistent control

Question 22

DLL Injection

Answer 22

Malicious code is inserted into a running process on a Windows machine by taking advantage of Dynamic Link Libraries that are loaded at runtime

Question 23

Driver Manipulation

Answer 23

§ An attack that relies on compromising the kernel-mode device drivers
that operate at a privileged or system level
§ A shim is placed between two components to intercept calls and redirect
them