eSecurity 2 - Malware Flashcards

Unit 5

1
Q

What’s malware?

A

Any software that is designed to disrupt or damage a computer system or sometimes a user.

2
Q

Types of malware

A

Virus

Trojan

Worm

Spyware

Adware

Rootkit

Malicious bots

3
Q

What could the consequences of malware be?

A

Some malware may just cause a minor irritation, such as slowing down a computer, but it could be much more serious, leading to identity theft, corruption of data or blackmail (either to do with personally collected data or to restore blocked data).

4
Q

What’s a virus?

A

The only type of malware that infects new files in the computer system. It attaches itself to a clean file, replicates itself, then attaches itself to another clean file. It is designed to spread, much like a human virus.

The aim of a virus is to corrupt and disrupt data in a computer system. It is mainly a method of sabotage for this reason.

5
Q

How does a virus start its job?

A

Once a virus has infected a file, it may begin to replicate immediately, or it can lie dormant until actions performed by the computer cause the code to be executed.

6
Q

How do viruses spread more?

A

If an infected computer is part of a network, it can then begin to infect other computers on the network. A virus can be especially dangerous if it infects files on a server that are accessed by many different computers.

7
Q

Signs your computer has a virus

A

Slower system performance

Files multiplying or duplicating on their own

Files being deleted without your knowledge

8
Q

Minimising the risk of a virus

A
  1. Install robust anti-virus software, since a virus is hard to eradicate (therefore, prevent it).
    It will scan a computer system and find any files that it thinks contain a virus. It will quarantine these files and alert the user to their presence. The user can then select to delete these files. It is possible to remove this stage and set the software to automatically delete all quarantined files.

    The anti-virus software can detect the presence of a virus by comparing the code to a database of known virus codes. If it finds code that matches, it will quarantine the file.

  2. Install a firewall to detect malicious software trying to enter the system. This relies on the necessary criteria being set in order to detect the malicious traffic in the first place.
  3. Be careful when inserting a USB memory stick. You should immediately scan any USB memory stick that is inserted into your computer, even if it is your own storage device. It is very common for viruses to be spread through the use of portable storage devices.

9
Q

Weakness of anti-viruses

A

It is dependent on the database it holds. Therefore, if a perpetrator manages to infect a system with a virus that is not in the database, it will not be recognised and removed. This could leave it to do a great deal of damage. For this reason, it is also important to update your anti-virus software to make sure that it includes the latest known viruses.

10
Q

What’s a Trojan?

A

Type of malware that disguises itself as legitimate software, or is included in legitimate software that may have been infiltrated. They are mostly downloaded from an infected email or website.

Once it’s opened it will release another type of malware, such as a virus. A Trojan needs the user to run the program for it to release other malicious software. Therefore, it will usually encourage the user to run the program.

11
Q

Minimising the risk of a trojan

A

It is difficult because they mask themselves as legitimate software. They require the user to make them run, so rely on the error of a user to operate, rather than detection by anti-virus or firewall.

The main way to minimise the risk of a Trojan is to only open files and run software that you know are from a trusted source.

12
Q

What’s a worm?

A

Type of malware that acts in a similar way to a virus. It replicates itself, but does not need to attach itself to another program or file to cause damage. Worms exploit security holes and issues in a computer. These normally exist in the operating system.

Aims to fill up all free space on a computer to slow it down and bring it to a halt. Therefore, the first signs for a user that their computer has been infected with a worm are that it starts to run slowly and the space available on their hard drive begins to rapidly decrease.

13
Q

How do worms spread?

A

A worm also tries to spread to different computers on a network. For this reason, worms are often used to infect a large number of computers on a network. If a worm is able to spread through a network, it can clog up bandwidth and slow the whole network down.

Worms are normally downloaded and spread through email attachments, peer-to-peer file sharing networks or a link to a website or resource. Once downloaded, they do not need any human interaction to replicate themselves.

14
Q

Minimising risk of a worm

A

Worms exploit software vulnerabilities in a computer in the operating system or applications. Regularly check for, and install, updates for your operating system and your applications. This process can be set to automatically occur.

The same guidelines about minimising phishing should also be taken.

Anti-virus software can normally check for a worm too. Therefore, regularly scan your computer.

Worms can be spread by network connections. Therefore, disconnecting your computer from a network, when the network resources are not required, can keep it safe during this time.

15
Q

What’s spyware?

(how and what)

A

Malware that is designed to gather information about your interactions with your computer. As the name suggests, the aim of spyware is to spy on the user. Spyware is normally used to gather personal and sensitive data that can be used in fraudulent or criminal activity.
It can be accidentally downloaded from pop-up ads or free apps, or by consenting to its download without knowing (small print).

16
Q

What’s an example of spyware?

A

A key logger is installed on a user’s computer, normally without their consent. The key logger will then record any key presses that are carried out by the user. All this data is then sent to a third party to be analysed, normally by another computer, but can be done manually, to establish any patterns in the data. The patterns are then analysed to see if any of them look as though they could be personal or sensitive data, for example, a password.

17
Q

What other things can spyware do besides key logging?

A

A user can sometimes unknowingly allow a commercial company to use spyware for several purposes including:

Targeted marketing from tracking browsing habits

Sending unwanted and often irritating pop-up adverts

Installing add-ons and redirecting to advertising websites

18
Q

Minimising the risk of spyware

A

Only download from trustworthy and reputable sources.

Do not click on any links or offers in pop-up ads.

Always read the small print when consenting to any user agreement. You are consenting to allowing spyware to be downloaded to track information such as your browsing habits. Look for clauses about sharing your data with third parties.

Cookies are a type of spyware that you may consent to be used to track your internet surfing habits. Check what you are allowing the company to do with the cookies that you consent to being used to track your actions.

Anti-malware software can scan your computer to see if any key logging software is present. It’ll normally remove any key logger if it is found. If it does find a key logger, change all your passwords immediately, in case your data has been gathered and analysed.

19
Q

What’s adware?

A

Adware is a type of software that is designed to display targeted advertising on your computer. It does this by collecting data about your internet browsing habits. Adware can be legitimate, but it can also be illegitimate. Some program developers will justify the inclusion of adware in their product by claiming that it will generate revenue for them, keeping the cost of the product lower.

20
Q

How can you end up with adware?

A

Adware can be bundled in legitimate software downloads. You may end up with adware on your computer without actually asking to download it. This happens when you are given the chance to customise what is downloaded. For example, there may be a hidden addition to the download of a task or search bar that is added to your current internet browser.

21
Q

How does adware affect you?

A

Adware can prove difficult to delete as it does not normally have any uninstall feature. It may not act maliciously, but will often serve as a method of advertising for the company, or try to get you to use their search function.

Adware as malware will present adverts when a user is browsing the web that are often shown constantly. They are normally in the form of pop-up windows that cannot be closed. They can be very irritating.

22
Q

Minimising the risk of adware

A

Be careful about what adware you allow to be installed on your computer. You may allow some adware to track your browsing habits online to see adverts for products that you might be interested in. You don’t want adware to make your browsing experience become irritating by having too many adverts popping up on a constant basis.

Check what is being downloaded onto your computer. Look at the list of component parts that will be downloaded and make sure that any that look like they could be adware (for example, a search bar or task bar addition to your browser) are not ticked. If they are present, untick them immediately before allowing the download to go ahead.

Once downloaded, unwanted adware can be very difficult to remove. It may take several scans with an anti-malware software to detect and remove the adware.

23
Q

What’s a rootkit?

A

Computer program that enables a person to gain administrator access to a victim’s computer. They are designed to stay hidden on a user’s computer to be controlled from a remote location. A rootkit allows the unauthorised user to do several criminal acts with the computer, such as hide illegal files on a computer, use the computer as part of a large cyber attack or to steal personal data and information.

24
Q

How do rootkits get installed?

A

Victim’s password is cracked or a vulnerability in the security system is exploited.

25
Q

How does a rootkit go unnoticed?

A

The person installing it can then use the access to stop the computer recognising that the rootkit is there, so the victim will not know that someone else has complete access to their computer system. The rootkit will normally be buried deep within the operating system. This is so that it can try to avoid any detection by anti-malware software. Other malware can be incorporated into a rootkit that can then be concealed on the computer to cause harm.

26
Q

How could someone install a rootkit IRL (physically)?

A

By leaving USB memory sticks, infected with a rootkit, in places that they believe they will be found. They are relying on the curiosity of another user to insert the USB.

27
Q

Minimising the risk of a rootkit

A
  1. Have a strong password set for your computer to minimise the risk of it being cracked. A strong password should contain a random mixture of characters, numbers and symbols. It should not contain any data that could be connected to you.
  2. Change your password on a regular basis in case it has been discovered.
  3. Only download software from trusted and reputable sources.
  4. Don’t insert a USB memory stick that you find into your computer system.
  5. A rootkit may be detected by anti-malware, but this is highly unlikely. Often, one of the only ways to rid a computer of a rootkit is to completely uninstall the operating system.

28
Q

What’s a bot?

A

A bot is an application that is automated and used to carry out simple and repetitive tasks (mundane and time-consuming). They can be used for very productive reasons, such as indexing a search engine, but they can also be used as a form of malware.

29
Q

Uses of malicious bots

A

SPAM bots are used to bombard people’s email inbox with SPAM emails

Zombie bots are used to create a bot network. The bot will lie dormant on a computer until an attack is launched. The computer will then be connected with lots of other computers that have been compromised by Zombie bots to launch a large-scale attack on an organisation. Bots connected in this way can be known as a botnet.

Chatter bots will pretend to be humans on sites such as social networking and dating sites. They try to emulate human interaction with the goal of obtaining personal data.

30
Q

Minimising the risk of malicious bots

A

Bots are often embedded into links or software downloads and spread in the same way that phishing is carried out. The same measures as for phishing can be applied. Don’t click on any links without knowing who they are from and that they will link you to a trusted and reputable source.

As bots can often be used in a chat situation, never give out any personal data when chatting online, even if you are one on one with a person. Never request any personal data from each other online. If they ask you an odd question, or for personal data, contact them by another means and check that you are speaking to a friend.

If you suspect that you have downloaded a bot, anti-malware software should be used to detect and remove it.

A firewall can also be used to detect the activity of a bot as it may recognise suspicious traffic created by the bot. However, if a bot is sophisticated and can disguise its communications as legitimate traffic, it will go unnoticed by a firewall.

31
Q

What’s ransomware?

A

Type of malware that restricts a user’s access to their computer system and files. It will normally demand that the user pays a ransom in order to regain access to their computer system, or they will lose all their data. Some programs will completely lock a user’s system, and some will encrypt all of the files on their system in a way that renders them useless.
Rate of success depends on how important the data is to the user.

32
Q

How does ransomware enter a system?

A

In a similar way to a Trojan.

33
Q

Minimising the risk of ransomware

A

Same guidelines for minimising the risk of Trojans can also be followed.

Have a copy of your data. If you create a separate back-up of your data, and keep this up to date, then the risk of losing your data in a ransomware attack becomes greatly reduced. You can reinstate your data, if it is deleted.

The risk of losing data can also be reduced by storing data in the cloud. Cloud systems often have a facility that can allow the user to roll back to a previous version of the data, so it can be reinstated if lost.
