Malware

Question 1

Computer Virus

Answer 1

Made up of malicious code that’s run on a machine without the user’s
knowledge and this allows the code to infect the computer whenever it has been
run

Question 2

Boot Sector virus

Answer 2

Is stored in the first sector of a hard drive and is then loaded
into memory whenever the computer boots up

Question 3

Macro virus

Answer 3

Form of code that allows a virus to be embedded inside another
document so that when that document is opened by the user, the virus is
executed

Question 4

Program virus

Answer 4

Try to find executables or application files to infect with their malicious
code

Question 5

Multipartite virus

Answer 5

Combination of a boot sector type virus and a program virus
Able to place itself in the boot sector and be loaded every time the
computer boots
It can install itself in a program where it can be run every time the
computer starts up

Question 6

Encrypted virus

Answer 6

Designed to hide itself from being detected by encrypting its malicious
code or payloads to avoid detection by any antivirus software

Question 7

Polymorphic virus

Answer 7

Advanced version of an encrypted virus, but instead of just encrypting the
contents it will actually change the viruses code each time it is executed
by altering the decryption module in order for it to evade detection

Question 8

Metamorphic virus

Answer 8

Able to rewrite themselves entirely before it attempts to infect a given file

Question 9

Stealth

Answer 9

Technique used to prevent the virus from being detected by the anti-virus
software

Question 10

Armored virus

Answer 10

Have a layer of protection to confuse a program or a person who’s trying
to analyze it

Question 11

Worm

Answer 11

Piece of malicious software, much like a virus, but it can replicate itself without
any user interaction

Question 12

Trojan

Answer 12

Piece of malicious software that is disguised as a piece of harmless or desirable
software

Question 13

RAT

Answer 13

Remote Access Trojan

Provides the attacker with remote
control of a victim machine

Question 14

Ransomware

Answer 14

Type of malicious software that is designed to block access to a computer system
or its data by encrypting it until a ransom is paid to the attacker

Question 15

Botnet

Answer 15

Network of compromised computers or devices controlled remotely by malicious
actors

Question 16

Zombie

Answer 16

Name of a compromised computer or device that is part of a botnet

Used to perform tasks using remote commands from the attacker without the
user’s knowledge

Question 17

C&C Node

Answer 17

Command and Control Node

Computer responsible for managing and coordinating the activities of other
nodes or devices within a network

Question 18

DDoS

Answer 18

Distributed Denial of Service

Occurs when many machines target a single victim and attack them at the
exact same time

Question 19

DoS

Answer 19

Denial of Service

Question 20

Rootkit

Answer 20

Designed to gain administrative level control over a given computer system
without being detected

Question 21

DLL

Answer 21

Dynamic Link Library

Collection of code and data that can be used by multiple programs
simultaneously to allow for code reuse and modularization in software
development

Question 22

DLL Injection

Answer 22

Technique used to run arbitrary code within the address space of another
process by forcing it to load a dynamic-link library

Question 23

Shim

Answer 23

Piece of software code that is placed between two components and that
intercepts the calls between those components and can be used redirect
them

Question 24

Backdoor

Answer 24

Originally placed in computer programs to bypass the normal security and
authentication functions

Most often put into systems by designers and programmers

Question 25

Easter egg

Answer 25

a hidden feature or novelty within a program that is typically inserted by the software developers as an inside joke Code often has significant vulnerabilities

Question 26

Logic Bombs

Answer 26

Malicious code that's inserted into a program, and the malicious code will only execute when certain conditions have been met

Question 27

Keylogger

Answer 27

Piece of software or hardware that records every single keystroke that is made on a computer or mobile device

Question 28

Spyware

Answer 28

Malicious software that is designed to gather and send information about a user or organization without their knowledge

Question 29

Bloatware

Answer 29

Any software that comes pre-installed on a new computer or smartphone that you, as the user, did not specifically request, want, or need

Question 30

Fileless Malware

Answer 30

Used to create a process in the system memory without relying on the local file system of the infected host

Question 31

Stage 1 Dropper or Downloader

Answer 31

Piece of malware that is usually created as a lightweight shellcode that can be executed on a given system

Question 32

Dropper

Answer 32

Specific malware type designed to initiate or run other malware forms within a payload on an infected host

Question 33

Downloader

Answer 33

Retrieve additional tools post the initial infection facilitated by a dropper

Question 34

Shellcode

Answer 34

Broader term that encompasses lightweight code meant to execute an exploit on a given target

Question 35

Living off the Land

Answer 35

A strategy adopted by many Advanced Persistent Threats and criminal organizations the threat actors try to exploit the standard tools to perform intrusions

Question 36

IOC

Answer 36

Indicator of Compromise

Question 37

Common indicators of compromise

Answer 37

1. Account Lockouts 2. Concurrent Session Utilization 3. Blocked Content 4. Impossible Travel 5. Resource consumption 6. Resource inaccessibility 7. Out-of-cycle Logging 8. Missing Logs 9. Published or Documented Attacks