Cybersecurity Quiz: Understanding Hacker Types

Questions and Answers

What defines a vulnerability in the context of computer threats?

• A type of computer virus that spreads between systems.
• A weakness that makes a threat possible. (correct)
• An attempt to impersonate a legitimate user.
• A malicious action that exploits an existing threat.

Which of the following statements about hackers is true?

• All hackers aim to cause harm to systems.
• Hackers only work for government organizations.
• Hackers are synonymous with crackers.
• Hackers seek knowledge or engage in harmless pranks. (correct)

What is the main objective of black-hat hackers?

• To experiment with computer systems legally.
• To exploit vulnerabilities for personal gain. (correct)
• To collaborate with organizations on security issues.
• To improve computer security for users.

Which term best describes malicious programmers who destroy data after unauthorized access?

Crackers (A)

How can a computer attack be defined?

An action that exploits a vulnerability or enacts a threat. (D)

What distinguishes gray-hat hackers from other types of hackers?

They can possess motives ranging from ethical to malicious. (C)

What happens when a computer system is infected with a virus?

The virus spreads to other programs within the system. (D)

What is the primary function of White-Hat Hackers?

To help organizations improve security. (D)

Which statement best describes the legality of Black-Hat Hacking?

It is illegal and violates computer security laws. (D)

What primary function does a Backdoor Trojan serve?

To enable attackers to gain remote access to a device. (A)

What is a characteristic of Gray-Hat Hackers?

They may violate laws while finding system issues. (D)

Which of the following best describes the purpose of a Downloader Trojan?

To install additional malicious software on an already infected device. (A)

Which of the following is a sign of computer virus infection?

Self-execution of programs without user action. (B)

Which type of virus infects the boot sector of disks?

Boot Sector Virus. (A)

Which mitigation strategy is NOT recommended for avoiding Trojan horse infections?

Opening attachments from unknown email addresses. (C)

What happens during a Direct Action Virus infection?

It attaches directly to executable files when they are run. (A)

What type of Trojan specifically targets network overloads to cause a denial of service?

Distributed denial-of-service (DDoS) Trojan (A)

Which type of Trojan is designed to mislead users into thinking their device is protected by legitimate antivirus software?

Fake antivirus Trojan (B)

Which of the following is NOT a sign of a computer virus infection?

Increased battery life on devices. (C)

What characterizes Resident Viruses?

They permanently embed themselves in the system memory. (B)

What might be a first indication of a system being infected with a virus?

Too many pop-up windows appearing. (D)

What distinguishes a computer worm from a virus?

Worms spread over a network without needing a host. (D)

Which method is NOT a viable option for data backup?

Backing up directly on the local hard drive. (C)

Which of the following best describes a multipartite virus?

It can target both the boot sector and executable files. (D)

Which of the following is a role-based function related to authorization?

Permission management based on user roles. (B)

What is the primary function of computer worms?

To replicate and spread to other computers. (A)

How does an overwrite virus function?

It completely replaces the host program with malicious code. (D)

What makes polymorphic viruses particularly challenging to detect?

They create modified versions to evade detection. (B)

Which technique is commonly employed to protect against computer worms?

Regularly updating antivirus software. (C)

What is a unique feature of space filler viruses?

They fill empty spaces in files without detection. (B)

What is the main consequence of a computer worm on a system?

Using system resources excessively. (B)

Which method is NOT commonly associated with virus spread?

Physical copying of files. (A)

What is one characteristic of email worms?

They typically spread through malicious email links or attachments. (D)

What role does anti-virus software play in virus mitigation?

It detects and removes harmful software from devices. (C)

Which of the following best describes accountability in security measures?

It emphasizes logging activities for tracking purposes. (B)

What distinguishes a file infector virus from other types?

It first infects a single file and then spreads to others. (D)

Which backup method involves storing data on a remote server accessible via the internet?

Cloud backup solution. (D)

Which virus type is specifically known to exploit empty spaces within a file?

Space filler Virus. (A)

What is a critical distinction between how viruses and worms spread?

Viruses require user action to spread while worms do not. (B)

Which of the following represents a method through which viruses commonly exploit human behavior?

All of the above. (D)

Flashcards

What is a computer threat?

A potential occurrence that could harm a computer system.

What is a vulnerability?

A weakness in a computer system that allows a threat to be realized.

What is an attack?

An action that exploits a vulnerability or enacts a threat.

What is a computer virus?

A computer program that enters a system and spreads itself, potentially causing harm to the system.

Who are hackers?

Individuals who use their technical skills to access computer systems without permission, often for knowledge or pranks.

Who are crackers?

Individuals who gain unauthorized access to computer systems with malicious intent, often to destroy or steal data.

What are white-hat hackers?

Ethical hackers who identify vulnerabilities in systems to improve security by informing the owners of the weaknesses.

Who are Black-Hat Hackers?

Criminals who violate computer security for their personal gain. They often make money by stealing or selling information.

What are Gray-Hat Hackers?

Hackers who find issues in a system without the owner's permission. They may report the issues and sometimes ask for payment to fix them.

What is a Boot Sector Virus?

A type of virus that infects the boot sector of floppy disks or the Master Boot Record (MBR) of hard disks.

What is a Direct Action Virus?

A type of virus that attaches itself directly to an executable file (.exe or .com) and enters the device during execution.

What is a Resident Virus?

A type of virus that stays active in your computer's memory even after the infected file is closed. It can then infect other files later.

What is a Multipartite Virus?

A type of virus that can infect multiple file types, such as boot sectors, executable files, and even other viruses.

What is an Overwrite Virus?

A type of virus that overwrites the original content of infected files, often making them unusable.

What is a Polymorphic Virus?

A virus that changes its code each time it replicates, making it harder to detect by antivirus programs.

Resident Virus

A virus that hides in computer memory and infects files even when its original program isn't running.

Multipartite Virus

A type of virus that can infect both the boot sector (where the operating system starts) and the actual files on your computer.

Overwrite Virus

A virus that completely overwrites a program's code with its own harmful code.

Polymorphic Virus

A type of virus that changes its code to avoid detection. It's very tricky to find and remove.

File Infector Virus

A virus that first infects a single file, then spreads to other executable files and programs.

Space Filler Virus

A rare type of virus that fills the empty spaces in a file with malicious code.

Email Attachments

Sending infected email attachments to spread viruses.

Internet Downloads

Downloading infected files from unsafe websites or unreliable sources.

Removable Media

Using infected USB drives or other removable media.

Software Vulnerabilities

Exploiting weaknesses in software to infect computers.

Authentication

Confirms the identity of a user or system before allowing access.

Authorization

Determines which actions a user or system is authorized to perform, often based on roles.

Accountability

Logs and tracks actions to ensure accountability.

Data Backup

A copy of data stored in a separate location, used to restore original data after a data loss event.

Computer Worm

A type of malware that spreads by replicating itself across networks, often exploiting security vulnerabilities.

Email Worms

The spread of malware through malicious attachments or links embedded in emails.

What is a Backdoor Trojan?

A backdoor Trojan provides an attacker with a secret route to remotely access and control a computer, potentially stealing sensitive data or launching further attacks.

What is a Rootkit Trojan?

A Rootkit Trojan hides itself within a computer's system, making it difficult to detect and removing it, giving persistent control to the attacker.

What is a Downloader Trojan?

A Downloader Trojan infiltrates a device, usually through other malware, and downloads harmful applications that escalate the attack.

What is a Mailfinder Trojan?

A Mailfinder Trojan searches your computer for email addresses to steal, potentially for spamming or phishing attacks.

What is a Fake Antivirus Trojan?

A Fake Antivirus Trojan disguises itself as legitimate antivirus software to trick users into installing it. It actually steals personal data or weakens security.

Study Notes

Computer Information Threats

• A threat is any potential occurrence, malicious or otherwise, that could harm an asset (computer). It is any bad thing that can happen to your computer.
• A vulnerability is a weakness that makes a threat possible. This can be from poor design, configuration mistakes, or inappropriate and insecure coding.
• An attack is an action that exploits a vulnerability or enacts a threat. Examples include sending malicious input to an application or flooding a network.

Types of Information Threats: Viruses

• A computer virus is a computer program or software that enters the computer system by attaching itself to another computer program and spreads itself across the system.
• If the spread is successful, the affected areas are then "infected" with the computer virus.
• Hackers and crackers are two types of people who create computer viruses.

Hackers vs. Crackers

• Hackers use their technical skills to enter computer systems without permission. Often, they are computer enthusiasts who break in to learn more or for pranks. Many hackers work with government bodies in solving cases.
• Crackers are malicious programmers who gain unauthorized access to computer systems. They destroy confidential data and create destructive programs, like viruses.

White-Hat, Black-Hat, and Gray-Hat Hackers

• White-hat hackers find vulnerabilities in computer networks for organizations and governments; they are often paid employees. White-hat hacking is legal.
• Black-hat hackers hack systems illegally for personal gain. This is highly skilled and often criminal activity and is illegal.
• Gray-hat hackers have a combination of black-hat and white-hat activities; they find issues in systems without permission. They sometimes ask for payment to fix the issue(s), but this is not always the case. Sometimes, gray-hat hacking violates the law.

Signs of Computer Virus Infection

• Speed of System: The time taken to open applications and system processing is slower.
• Pop-up Windows: Too many unexpected pop-up windows appear on the screen.
• Self-Execution of Programs: Files or programs open automatically in the background.
• Log Out from Accounts: The user is logged out from accounts and protected sites.
• Crashing of Device: The device crashes and stops working.

Types of Computer Viruses

• Boot Sector Virus: Infects the boot sector of floppy disks or the Master Boot Record (MBR).
• Direct Action Virus: Attaches itself directly to .exe or .com files and enters the device during execution. Also known as Non-Resident.
• Resident Virus: Saves itself in the computer's memory and infects other files and programs when the originating program isn't running. Hard to remove.
• Multipartite Virus: Can attack both boot sector and executable files.
• Overwrite Virus: Completely removes the existing program and replaces it with malicious code. Replaces the host code.
• Polymorphic Virus: Modifies its code to evade anti-virus detection.
• File Infector Virus: Infects executable files and spreads to other files and programs.
• Space Filer Virus: Fills in empty space of a file with viruses. Also known as cavity virus.

Virus Spread and Infection Ways

• Email Attachments
• Internet Downloads
• Removable Media
• Network Transmission
• Drive-by Downloads
• Software Vulnerabilities

Virus Mitigation

• Antivirus software: Detects and removes harmful software.
• Firewalls: Protects from malicious software.

Computer Worms

• A standalone malware program that replicates itself to spread to other computers within a network. It relies on security failures to access other computers.
• Spread: Often uses a computer network to spread.

Trojan Horse

• Malware that hides its true function, often disguising itself as legitimate software to gain unauthorized access to a device.
• Malware that acts covertly and is often used for opening backdoors, takes control of the affected device, exfiltrates user data, and downloads/runs other malicious software.

Ransomware

• Malware that prevents users from accessing their system or files. Then demands ransom payment to gain access.

Spyware

• A program that gathers confidential and sensitive information from a network.
• Information may include emails, passwords and credit card information.

Social Engineering Attacks

• Methods used to manipulate people into taking certain actions, like giving up sensitive information or money.

Discussion Points

• Details of social engineering attacks
• Social engineering attack lifecycle
• Types of social engineering attacks