Lecture 3a

Question 2

What is malware?

Answer 2

Software that enters a computer system without the user’s knowledge or consent and performs unwanted harmful actions

Question 3

What are the five primary actions malware performs?

Answer 3

Imprison Launch Snoop Deceive Evade

Question 4

What does ransomware do?

Answer 4

Prevents a user’s endpoint device from functioning properly until a fee is paid

Question 5

What is crypto-malware?

Answer 5

Malware that imprisons users by encrypting all files on the device making them inaccessible

Question 6

How does crypto-malware increase the cost of unlocking?

Answer 6

The cost of the key increases every few hours or days

Question 7

What are the two main types of viruses?

Answer 7

File-based virus and fileless virus

Question 8

What is a file-based virus?

Answer 8

Malicious code attached to a file that reproduces itself on the same computer without human intervention

Question 9

What is an armoured file-based virus?

Answer 9

A virus that uses techniques like split infection and mutation to avoid detection

Question 10

What is a fileless virus?

Answer 10

Virus that does not attach to files but loads code into computer memory to avoid detection

Question 11

List advantages of fileless viruses over file-based viruses.

Answer 11

Easy to infect Extensive control Persistent Difficult to detect Difficult to defend against

Question 12

What is a worm?

Answer 12

A malicious program that uses a computer network to replicate exploiting vulnerabilities in applications or OS

Question 13

What harmful actions can worms perform?

Answer 13

Deleting files Allowing remote control by attackers

Question 14

What is a bot in malware terms?

Answer 14

An infected computer under remote control used to launch attacks

Question 15

What is a botnet?

Answer 15

A network of infected bot computers controlled by a bot herder

Question 16

What are two common types of snooping malware?

Answer 16

Spyware and keyloggers

Question 17

What does spyware do?

Answer 17

Tracking software deployed without user’s consent or control

Question 18

What is a keylogger?

Answer 18

Software or hardware that silently captures and stores each keystroke typed on a keyboard

Question 19

What is a Potentially Unwanted Program (PUP)?

Answer 19

Software the user does not want that may include intrusive advertising or hijacking browser settings

Question 20

What is a Trojan?

Answer 20

An executable program that appears benign but performs malicious actions

Question 21

What is a Remote Access Trojan (RAT)?

Answer 21

A Trojan that gives unauthorized remote access to the victim’s computer using special communication protocols

Question 22

What is a backdoor in malware?

Answer 22

Malware that gives access circumventing normal security protections

Question 23

What is a logic bomb?

Answer 23

Malware code that lies dormant and activates when a specific logical event triggers it

Question 24

What is a rootkit?

Answer 24

Malware that hides its presence and other malware by accessing lower layers of the operating system

Question 25

What is cross-site scripting (XSS)?

Answer 25

An attack where malicious scripts are injected into trusted websites to be run in another user's browser

Question 26

What is an injection attack?

Answer 26

An attack that inserts malicious input to exploit vulnerabilities in applications usually targeting databases

Question 27

What does SQL injection target?

Answer 27

SQL servers by introducing malicious commands through crafted statements

Question 28

What is cross-site request forgery (CSRF)?

Answer 28

An attack that tricks an authenticated user into executing unwanted actions on a web application

Question 29

What is server-side request forgery (SSRF)?

Answer 29

An attack exploiting a web server's ability to process external URLs to gain sensitive information or inject harmful data

Question 30

What is a replay attack?

Answer 30

An attack that intercepts and retransmits data to impersonate a legitimate user

Question 31

What is a buffer overflow attack?

Answer 31

When a process stores data beyond the boundary of a fixed-length buffer causing adjacent memory to be overwritten

Question 32

What is an integer overflow attack?

Answer 32

An attack that changes a variable's value outside its intended range causing unexpected behavior

Question 33

What causes improper exception handling attacks?

Answer 33

Poor coding such as not validating user input or NULL pointer dereference causing crashes or vulnerabilities

Question 34

What external software components can be attacked?

Answer 34

Application program interfaces APIs Device drivers Dynamic-link libraries DLLs

Question 35

What is artificial intelligence (AI)?

Answer 35

Technology that imitates human abilities

Question 36

What is machine learning (ML)?

Answer 36

A subset of AI where technology learns by itself through experience without continual programming

Question 37

How is AI used in cybersecurity?

Answer 37

To detect predict and respond to cyber threats in real time including blocking phishing attacks

Question 38

What are adversarial AI risks?

Answer 38

Security of ML algorithms being compromised and tainted training data producing false negatives

Question 39

What does the word endpoint refer to in cybersecurity?

Answer 39

Network connected hardware devices