Week 2

Question 1

What is a worm?

Answer 1

A program that seeks machines to infect and each infected machine is used for attacks on other machines

Question 2

Name 3 ways worms can be replicated

Answer 2

• Remote login capability
• Emails or instant messaging
• File sharing

Question 3

Name 3 ways worms can identify their targets

Answer 3

1 Random
2 Hit-list
3 Local subnet

Question 4

List the 3 phases of worm propagation

Answer 4

1) Slow start phase
2) Fast spread phase
3) Slow finish phase

Question 5

What is the Morris Worm?

Answer 5

Earliest significant worm infection designed to spread on UNIX systems

Question 6

Name 3 worm technologies

Answer 6

1 Polymorphic
2 Metamorphic
3 Multi-platform

Question 7

What is Mobile Code?

Answer 7

Programs that can be shipped unchanged to a heterogeneous collection of platforms and executed with identical semantics

Question 8

Mobile code often acts a mechanism for…

Answer 8

worms, viruses, trojan horse

Question 9

How do mobile phone worms propagate

Answer 9

Through bluetooth wireless connections or MMS

Question 10

What is a Drive-By-Download?

Answer 10

When the user views a webpage controlled by the attacker, it contains code that allows the bug to download and install malware on the system without the user’s knowledge or consent.

Question 11

What is a Watering-Hole Attack?

Answer 11

The attacker researches their intended victims to identify websites they are likely to visit, then scans these sites to identify those with vulnerabilities.

Question 12

What is Malvertising?

Answer 12

Places malware in the form of adverts on websites without actually compromising them

Question 13

What is Clickjacking/UI redress attack?

Answer 13

The attacker hijacks clicks meant for one action routing user to another page.

Question 14

What is Social Engineering?

Answer 14

Tricking” users to assist in the compromise of their own systems. e.g. spam, trojan horse

Question 15

What is a Botnet?

Answer 15

A collection of bots capable of acting in a coordinated manner

Question 16

List 3 uses of botnets

Answer 16

• Spamming
• Online polls/games
• Spreading new malware

Question 17

What are Keyloggers?

Answer 17

Records keystrokes and then filtering mechanism that only returns information close to keywords (“login”, “password”)

Question 18

What is spyware?

Answer 18

Subverts the compromised machine to allow monitoring of a wide range of activity on the system.

Question 19

What is a Backdoor (AKA trapdoor)?

Answer 19

Secret entry point into a program allowing the attacker to gain access and bypass the security access procedures

Question 20

Ideal solution to the threat of malware is…

Answer 20

Prevention

Question 21

List 3 elements of prevention

Answer 21

• Policy
• Awareness
• Threat mitigation

Question 22

What is user authentication?

Answer 22

The process of establishing confidence in user identities that are presented electronically to an information system.

Question 23

List 3 means of authentication

Answer 23

• Something the individual knows (password)
• Something the individual possesses (smartcard)
• Something the individual is (finger-print)

Question 24

What is multi-factor authentication?

Answer 24

A security system that requires more than one method of authentication

Question 25

What are the 3 concepts of Risk Assessment for user authentication

Answer 25

1- Assurance Level
2- Potential impact
3- Areas of risk

Question 26

What is Assurance Level?

Answer 26

The degree of confidence in the vetting process used to establish the identity of the individual to whom the credential was issued

Question 27

What is Potential impact?

Answer 27

Defines three levels (low, moderate, high) of potential impact on individuals should there be a breach of security

Question 28

List 3 password vulnerabilities

Answer 28

• Offline dictionary attack
• Specific account attack
• Popular password attack

Question 29

What is Password cracking?

Answer 29

The process of recovering passwords from data that have been stored in or transmitted by a computer system.

Question 30

Explain 3 types of password cracking

Answer 30

1) Dictionary attacks
2) Rainbow table attacks
3) John the Ripper