Malware Flashcards

Objective 2.4 (34 cards)

1
Q

Define / Explain

Malware

Malware

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Malicious software designed to infiltrate computer systems and potentially damage them without user consent

Malware

Define / Explain

2
Q

List

Malware Categories

Malware

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A
  • Viruses
  • Worms
  • Trojans
  • Ransomware
  • Spyware
  • Rootkits
  • Spam

Malware

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

3
Q

Define / Explain

Threat Vector

Malware - Threat Vector vs. Attack Vector

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Method used to infiltrate a victim’s machine

Malware - Threat Vector vs. Attack Vector

Define / Explain

4
Q

Informational

Threat Vector Examples

Malware - Threat Vector vs. Attack Vector

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A
  • Unpatched software
  • USB drive installation
  • Phishing campaigns

Malware - Threat Vector vs. Attack Vector

Informational

5
Q

Define / Explain

Attack Vector

Malware - Threat Vector vs. Attack Vector

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A
  • Means by which the attacker gains access and infects the system
  • Combines both infiltration method and infection process

Malware - Threat Vector vs. Attack Vector

Define / Explain

6
Q

Define / Explain

Viruses

Malware - Types of Malware Attacks

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Attach to clean files, spread, and corrupt host files

Malware - Types of Malware Attacks

Define / Explain

7
Q

Define / Explain

Worms

Malware - Types of Malware Attacks

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Standalone programs replicating and spreading to other computers

Malware - Types of Malware Attacks

Define / Explain

8
Q

Define / Explain

Trojans

Malware - Types of Malware Attacks

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Disguise as legitimate software, grant unauthorized access

Malware - Types of Malware Attacks

Define / Explain

9
Q

Define / Explain

Ransomware

Malware - Types of Malware Attacks

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Encrypts user data, demands ransom for decryption

Malware - Types of Malware Attacks

Define / Explain

10
Q

Define / Explain

Zombies and Botnets

Malware - Types of Malware Attacks

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Compromised computers remotely controlled in a network for malicious purposes

Malware - Types of Malware Attacks

Define / Explain

11
Q

Define / Explain

Rootkits

Malware - Types of Malware Attacks

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Hide presence and activities on a computer, operate at the OS level

Malware - Types of Malware Attacks

Define / Explain

12
Q

Define / Explain

Backdoors and Logic Bombs

Malware - Types of Malware Attacks

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Backdoors allow unauthorized access, logic bombs execute malicious actions

Malware - Types of Malware Attacks

Define / Explain

13
Q

Define / Explain

Keyloggers

Malware - Types of Malware Attacks

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Record keystrokes, capture passwords or sensitive information

Malware - Types of Malware Attacks

Define / Explain

14
Q

Define / Explain

Spyware and Bloatware

Malware - Types of Malware Attacks

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Spyware monitors and gathers user/system information, bloatware consumes resources without value

Malware - Types of Malware Attacks

Define / Explain

15
Q

Informational

Malware Techniques and Infection Vectors…

Malware - Malware Techniques and Infection Vectors

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A
  • Evolving from file-based tactics to modern fileless techniques
  • Multi-stage deployment, leveraging system tools, and obfuscation techniques

Malware - Malware Techniques and Infection Vectors

Informational

16
Q

Informational / List

Indications of Malware Attack…

Malware - Indications of Malware Attack

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A
  • Account lockouts
  • Concurrent session utilization
  • Blocked content
  • Impossible travel
  • Resource consumption
  • Inaccessibility
  • Out-of-cycle logging
  • Missing logs
  • Documented attacks

Malware - Indications of Malware Attack

Informational / List

17
Q

Define / Explain

Computer Virus

Viruses

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Made up of malicious code that’s run on a machine without the user’s knowledge, which allows the code to infect the computer whenever it is run

Viruses

Define / Explain

18
Q

Define / Explain

Boot Sector

Viruses - 10 Different Types of Viruses

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

One that is stored in the first sector of a hard drive and is then loaded into memory whenever the computer boots up

Viruses - 10 Different Types of Viruses

Define / Explain

19
Q

Define / Explain

Macro

Viruses - 10 Different Types of Viruses

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Form of code that allows a virus to be embedded inside another document so that when that document is opened by the user, the virus is executed

Viruses - 10 Different Types of Viruses

Define / Explain

20
Q

Define / Explain

Program

Viruses - 10 Different Types of Viruses

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Try to find executables or application files to infect with their malicious code

Viruses - 10 Different Types of Viruses

Define / Explain

21
Q

Define / Explain

Multipartite

Viruses - 10 Different Types of Viruses

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A
  • Combination of a boot sector type virus and a program virus
  • Able to place itself in the boot sector and be loaded every time the computer boots
  • It can install itself in a program where it can be run every time the computer starts up

Viruses - 10 Different Types of Viruses

Define / Explain

22
Q

Define / Explain

Encrypted

Viruses - 10 Different Types of Viruses

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Designed to hide itself from being detected by encrypting its malicious code or payloads to avoid detection by any antivirus software

Viruses - 10 Different Types of Viruses

Define / Explain

23
Q

Define / Explain

Polymorphic

Viruses - 10 Different Types of Viruses

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Advanced version of an encrypted virus, but instead of just encrypting the contents it will actually change the virus's code each time it is executed by altering the decryption module in order for it to evade detection

Viruses - 10 Different Types of Viruses

Define / Explain

24
Q

Define / Explain

Metamorphic

Viruses - 10 Different Types of Viruses

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Able to rewrite itself entirely before it attempts to infect a given file

Viruses - 10 Different Types of Viruses

Define / Explain

25
Q

Define / Explain

Stealth

Viruses - 10 Different Types of Viruses

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Technique used to prevent the virus from being detected by the anti-virus software

Viruses - 10 Different Types of Viruses

Define / Explain

26
Q

Define / Explain

Armored

Viruses - 10 Different Types of Viruses

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Have a layer of protection to confuse a program or a person who's trying to analyze it

Viruses - 10 Different Types of Viruses

Define / Explain

27
Q

Define / Explain

Hoax

Viruses - 10 Different Types of Viruses

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Form of technical social engineering that attempts to scare our end users into taking some kind of undesirable action on their system

Viruses - 10 Different Types of Viruses

Define / Explain

28
Q

Define / Explain

Worm

Worms

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A
  • Piece of malicious software, much like a virus, but it can replicate itself without any user interaction
  • Able to self-replicate and spread throughout your network without a user's consent or their action

Worms

Define / Explain

29
Q

Informational

Worms are dangerous for two reasons...

Worms

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A
  • Infect your workstation and other computing assets
  • Cause disruptions to your normal network traffic since they are constantly trying to replicate and spread themselves across the network

Worms

Informational

30
Q

Informational

Worms are best known for...

Worms

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

spreading far and wide over the internet in a relatively short amount of time

Worms

Informational

31
Q

Define / Explain

Ransomware

Ransomware

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A

Type of malicious software that is designed to block access to a computer system or its data by encrypting it until a ransom is paid to the attacker

Ransomware

Define / Explain

32
Q

Informational

How can we protect ourselves and our organizations against ransomware?

Ransomware

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A
  • Always conduct regular backups
  • Install software updates regularly
  • Provide security awareness training to your users
  • Implement Multi-Factor Authentication (MFA)

Ransomware

Informational

33
Q

Informational

What should you do if you find yourself or your organization as the victim of a ransomware attack?

Ransomware

Obj. 2.4 - Given a scenario, analyze indicators of malicious activity

A
  • Never pay the ransom
  • If you suspect ransomware has infected your machine, you should disconnect it from the network
  • Notify the authorities
  • Restore your data and systems from known good backups

Ransomware

Informational

34