comp security exam 3

Question 1

Malware

Answer 1

Malicious software designed to harm or exploit any programmable device or network.

Question 2

Worm

Answer 2

Self-replicating malware that spreads across networks without user action.

Question 3

Virus

Answer 3

Malware that attaches to files and spreads when the host file is executed.

Question 4

Spyware

Answer 4

Software that secretly collects user information and sends it to a third party.

Question 5

Wiper

Answer 5

Malware that deletes or “wipes” data to render systems unusable.

Question 6

Denial of Service

Answer 6

Attack that overwhelms resources to make a service unavailable.

Question 7

Backdoor

Answer 7

Hidden method for bypassing normal authentication to access systems.

Question 8

Ransomware

Answer 8

Malware that encrypts data and demands payment for its release.

Question 9

Infiltration

Answer 9

Initial compromise of a system by malware or attacker.

Question 10

Exfiltration

Answer 10

Unauthorized transfer of data out of a compromised system.

Question 11

Trigger (Logic Bomb)

Answer 11

Hidden code set to execute malicious action when specific conditions are met.

Question 12

Dropper

Answer 12

multi-stage dropper

Question 13

Bot

Answer 13

botnet

Question 14

Keylogger

Answer 14

Software that records keystrokes to capture sensitive data.

Question 15

Windows Hooks

Answer 15

API-level intercepts of OS events used by some malware to monitor activity.

Question 16

Zero-day Vulnerability

Answer 16

Exploit

Question 17

Zero-click Exploit

Answer 17

Exploit that requires no user interaction to compromise a device.

Question 18

File Infector

Answer 18

Malware that infects and modifies executable files on disk.

Question 19

USB and infected firmware

Answer 19

Malware embedded in USB device firmware to infect hosts.

Question 20

Autorun

Answer 20

Feature that automatically executes code from removable media.

Question 21

Data leakage

Answer 21

Unintentional or malicious exfiltration of sensitive data.

Question 22

Macro Viruses

Answer 22

Viruses written in macro languages (e.g.

Question 23

Social Engineering

Answer 23

Manipulating people into performing actions or divulging confidential information.

Question 24

Deceptive download

Answer 24

Malicious software disguised as legitimate download.

Question 25

Deceptive pop-up

Answer 25

Fake alert that tricks users into downloading malware.

Question 26

Phishing

Answer 26

Fraudulent emails designed to steal credentials or deliver malware.

Question 27

Spear Phishing

Answer 27

Targeted phishing attack against specific individuals or organizations.

Question 28

Smishing

Answer 28

Phishing via SMS/text messages.

Question 29

Hiding Malicious URLs

Answer 29

Techniques to obscure harmful links (e.g.

Question 30

Honeypots

Answer 30

Decoy systems set up to attract and analyze attackers.

Question 31

Trojan Horse

Answer 31

remote access trojan

Question 32

Overt vs. Covert Purpose

Answer 32

Overt malware announces itself; covert hides its presence or intent.

Question 33

Startup Services

Answer 33

Malware that installs itself as a service to persist across reboots.

Question 34

Bootkit

Answer 34

Rootkit that infects the boot loader or boot sector to gain control before OS loads.

Question 35

Rootkit

Answer 35

Software that hides the existence of processes

Question 36

Kernel-mode

Answer 36

User-mode

Question 37

File-less malware

Answer 37

Malware that resides only in memory and leaves no files on disk.

Question 38

Typosquatting

Answer 38

Registering domain names similar to popular sites to trick users.

Question 39

Masquerading links

Answer 39

Using misleading link text or hidden redirects to disguise malicious URLs.

Question 40

Malicious QR codes

Answer 40

QR codes that direct scanners to malware-hosting or phishing sites.

Question 41

SPF (Sender Policy Framework)

Answer 41

DNS record that specifies which mail servers can send on behalf of a domain.

Question 42

DKIM (DomainKeys Identified Mail)

Answer 42

Email authentication using cryptographic signatures in headers.

Question 43

DMARC (Domain-based Message Authentication

Answer 43

Reporting

Question 44

Signature-based Detection

Answer 44

Antivirus method that matches files against known malware signatures.

Question 45

Behavior-based Detection (Heuristic Analysis)

Answer 45

Detecting malware by monitoring suspicious runtime behavior.

Question 46

Signature Scanning

Answer 46

Scanning files for known byte-patterns of malware.

Question 47

Encrypted malware

Answer 47

Malware whose code is encrypted to evade signature detection.

Question 48

Packing

Answer 48

packer

Question 49

Polymorphic Virus

Answer 49

Malware that mutates its code on each infection to evade detection.

Question 50

Static Heuristic Analysis

Answer 50

Analyzing code structure without executing to detect suspicious patterns.

Question 51

Dynamic Heuristic Analysis

Answer 51

Running code in a sandbox to detect malicious actions at runtime.