CompTIA A+ 1102 Malware

Question 1

malicious software

Answer 1

Malware

Question 2

• software that pretends to be something else
• anti-virus may catch it, but the better trojan horses are built to avoid and to disable anti-virus software

Answer 2

Trojan Horse

Question 3

• modifies core system files
• embeds itself deep inside the OS, often in the kernel
• can be invisible to the OS and to anti-virus software

Answer 3

Rootkits

Question 4

Finding and Removing Rootkits

Answer 4

• look for the unusual
• use a remover specific to the rootkit
• Secure Boot using a UEFI BIOS

Question 5

• malware that can replicate itself
• requires the user to execute a program

Answer 5

Virus

Question 6

• virus that is part of the boot sector
• runs every time that you start your computer
• preventable with UEFI Secure Boot

Answer 6

Boot Sector Virus

Question 7

• malware that spies on you
• may trick you into installing it
• may work in conjunction with a keylogger

Answer 7

Spyware

Question 8

saves your input and logs other data, such as your clipboard data

Answer 8

Keylogger

Question 9

encrypts your data, but will decrypt it if you pay the attackers a ransom

Answer 9

Ransomware

Question 10

Cryptominers

Answer 10

• require extensive CPU processing ability
• malware that forces cryptomining to occur on your computer

Question 11

• basic command line that can be used without having to fully start Windows
• provides complete control, but requires an extensive knowledge base to properly and safely use

Answer 11

Windows Recovery Environment

Question 12

• hold shift while clicking the restart button
• or, boot from installation media
• or, restart into advanced startup
• recovery > troubleshoot > advanced options > command prompt

Answer 12

Starting the Windows Recovery Environment

Question 13

• monitors the local computer
• prevents malware communication
• for example, Microsoft Defender Firewall
• built into Windows

Answer 13

Software Firewall

Question 14

What is the only way to guarantee malware removal?

Answer 14

OS reinstallation

Question 15

Malware Removal Process (steps)

Answer 15

1. verify malware symptoms
2. quarantine infected
3. disable system restore
4. remediate : update anti-virus
5. remediate : scan and remove
6. schedule scans and run updates
7. enable system protection
8. educate the end user

Question 16

• disconnect from the network
• isolate all removable media
• control the spread

Answer 16

2. Quarantine Infected (Malware Removal Process)

Question 17

4. Remediate : Update Anti-Virus (Malware Removal Process)

Answer 17

• the malware may prevent the update process
• copy updated signatures onto your computer

Question 18

5. Remediate : Scan and Remove (Malware Removal Process)

Answer 18

use tools or run in Safe Mode or in WinPE