Malware Flashcards
What is malware?
Any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user’s computer security and privacy
What are the phases of malware? (4)
- Dormant
- Spreading
- Triggering
- Attack
What is the purpose of the dormant phase?
For the malware to remain undetected
What is the purpose of the spreading phase?
To infect other hosts
What is the purpose of the triggering phase?
Waiting for the commands or set of conditions to be satisfied in order to move from the dormant / spreading phase into the attack phase
What is the purpose of the spreading phase?
Where the virus performs the malicious activity that is was designed to do, referred
to as the payload
What is a method used to determine if a host is vulnerable?
Port scanning
What is a backdoor?
a way to access a computer system that bypass the systems customary security
mechanisms
How to defend against insider attacks? (5)
- Avoid single points of failure - no one employee can
be in charge of backups or manage critical systems - Use archiving tools and version control
- Follow the principle of least privileges
- Physically secure critical systems (e.g. air gaps, critical servers in locked rooms with power failure backup)
- Control software installations to a reliable source
What is a virus
a piece of malware that requires other programs in order to spread.
what is a worm
a piece of malware that is able to spread independently
what is a zero day vulnerability
What is the limitation of static analysis for assessing software code for malware?
It only useful against known vulnerabilities and signatures
how should dynamic analysis be done?
by running the new software in a sandbox and analyse the characteristics of the
software
What is an asset?
anything that has value or can cause loss if compromised
