Questions and Answers
Which type of malware disguises as legitimate software and grants unauthorized access?
Trojans
What is the method used to infiltrate a victim's machine?
Threat Vector
Which type of malware encrypts user data and demands ransom for decryption?
Ransomware
What type of malware allows unauthorized access and executes malicious actions?
Which type of malware monitors and gathers user/system information?
What type of malware hides its presence and activities on a computer, operating at the OS level?
Which type of malware captures passwords or sensitive information by recording keystrokes?
What is the means by which an attacker gains access and infects the system?
Which type of malware consumes resources without value?
When it comes to malware techniques, what has evolved from file-based tactics to modern fileless techniques?
What is the primary purpose of ransomware?
What type of malware is designed to gain administrative control over a computer system without detection?
What is the characteristic of a worm?
Which type of malware is described as malicious code that runs without user knowledge?
What are common indications of a malware attack?
Which type of malware can be prevented with regular backups, software updates, security awareness training, and Multi-Factor Authentication (MFA)?
What is the primary purpose of botnets?
What is the characteristic of a Distributed Denial-of-Service (DDoS) attack?
Which type of virus is characterized by being able to change its internal structure without changing its external functionality?
What is the highest level of permissions that allows installation of programs, opening/closing ports, and control of device drivers?
Which technique is used to run arbitrary code within another process's address space by forcing it to load a DLL?
What are rootkits designed to do in order to hide from the operating system?
What is the main purpose of keyloggers?
Which type of software is designed to gather and send information without user knowledge?
What is the main characteristic of bloatware?
Which malware attack technique penetrates and infects systems using specific methods?
What is the most common method used by modern malware to avoid detection by signature-based security software?
What is the primary action of rootkits and backdoors?
What is the primary function of a stage one dropper or downloader?
What is the specific function of a Shellcode?
Which scenario indicates 'Impossible Travel'?
What does the 'Actions on Objectives' phase involve?
What is ransomware?
What is the purpose of the 'Living off the Land' strategy adopted by threat actors?
What does the term 'Concealment' refer to in the context of cybersecurity?
What are indications of 'Out-of-Cycle Logging'?
What does 'Resource Inaccessibility' indicate?
'Missing Logs' can be an indication of what in a cybersecurity context?
What can 'Concurrent Session Utilization' indicate in terms of cybersecurity?
Study Notes
- Administrator or root account: the highest level of permissions; allows installation of programs, opening/closing ports, and control of device drivers (UNIX, Linux, and macOS call it the root account)
- Permissions and access levels: rings of permissions, from user level (Ring 3) to the innermost/highest level (Ring 0, also known as "kernel mode")
- Rootkits: powerful malware that is extremely difficult to detect; they try to move from Ring 1 to Ring 0 to hide from the operating system and use DLL injection for deeper access
- DLL Injection: a technique used to run arbitrary code within another process's address space by forcing it to load a DLL
- Rootkits and backdoors: similar in that both grant unauthorized access; originated as backdoors in software; RATs act like modern backdoors
- Keyloggers: software or hardware that records every keystroke; can be installed as malware or as a hardware device, are difficult to detect and protect against, and can waste storage space and slow down performance
- Spyware and bloatware:
  - Spyware: malicious software designed to gather and send information without user knowledge; can be installed in various ways; protect against it by using reputable antivirus and anti-spyware software
  - Bloatware: software that comes pre-installed on devices and was not specifically requested by the user; wastes space, slows down performance, and introduces potential vulnerabilities; remove it manually or use removal tools
- Malware attack techniques:
  - Malware exploitation: the specific methods used by malware to penetrate and infect systems; some malware infects the system's memory to leverage remote procedure calls, and most modern malware uses fileless techniques to avoid detection by signature-based security software