Cybersecurity: Ransomware and Botnets Quiz

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to Lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the primary function of ransomware?

  • To create backups of user data automatically
  • To encrypt data and demand a ransom for decryption (correct)
  • To improve system performance by cleaning malware
  • To prevent unauthorized access by blocking users

Which of the following is NOT a recommended practice to protect against ransomware?

  • Paying the ransom as soon as possible (correct)
  • Implementing Multi-Factor Authentication
  • Always conducting regular backups
  • Installing software updates regularly

What should you do first if you suspect a ransomware infection on your computer?

  • Report it to the authorities
  • Restore from backups immediately
  • Attempt to pay the ransom
  • Disconnect it from the network (correct)

What term refers to compromised computers controlled by attackers used to perform malicious tasks?

<p>Zombies (C)</p> Signup and view all the answers

What is a botnet primarily used for?

<p>DDoS attacks, spam distribution, or cryptocurrency mining (C)</p> Signup and view all the answers

Which component is responsible for managing the activities of other devices in a network of zombies?

<p>Command and Control Node (A)</p> Signup and view all the answers

What percentage of a zombie's processing power is typically utilized by attackers?

<p>20-25% (B)</p> Signup and view all the answers

Which of these is an illegal activity often associated with the use of botnets?

<p>Phishing campaigns (C)</p> Signup and view all the answers

What is the purpose of a rootkit in a computer system?

<p>To gain administrative control without detection (B)</p> Signup and view all the answers

Which account is referred to as the Administrator Account in a UNIX or Linux system?

<p>Root Account (B)</p> Signup and view all the answers

What would be the highest permission level in a computer system referred to as?

<p>Kernel Mode (B)</p> Signup and view all the answers

What is the function of Ring 0 in an operating system's permission structure?

<p>Controls access to system hardware and resources (D)</p> Signup and view all the answers

What is a common technique used by rootkits to achieve deeper system access?

<p>DLL injection (D)</p> Signup and view all the answers

When a user logs in with root permissions, what Ring are they considered to be operating at?

<p>Ring 1 (B)</p> Signup and view all the answers

What does a Dynamic-Link Library (DLL) allow in software development?

<p>Reuse of code across multiple applications (A)</p> Signup and view all the answers

Which ring in a computer system has user-level permissions?

<p>Ring 3 (A)</p> Signup and view all the answers

What is the primary goal of a rootkit?

<p>To seamlessly embed itself into the operating system (B)</p> Signup and view all the answers

What is the recommended method for detecting rootkits?

<p>Utilizing a live boot Linux distribution (C)</p> Signup and view all the answers

Which of the following is a characteristic of backdoors in software?

<p>They allow for unauthorized system access (A)</p> Signup and view all the answers

How do logic bombs operate within programs?

<p>They trigger based on specific conditions being met (D)</p> Signup and view all the answers

What is a keylogger primarily used for?

<p>To capture user keystrokes for sensitive information (D)</p> Signup and view all the answers

What is a notable drawback of easter eggs in software?

<p>They can introduce significant vulnerabilities in code (A)</p> Signup and view all the answers

Which statement about RATs (Remote Access Trojans) is accurate?

<p>They allow threat actors persistent access to systems (A)</p> Signup and view all the answers

Why should backdoors, easter eggs, and logic bombs be avoided in modern applications?

<p>They do not align with secure coding standards (A)</p> Signup and view all the answers

What can trigger multiple failed login attempts resulting in an account lockout?

<p>Malware designed for credential theft (D)</p> Signup and view all the answers

What does 'impossible travel' refer to in cybersecurity?

<p>Logging in from two different geographic locations in a short time (D)</p> Signup and view all the answers

Which scenario is indicative of resource inaccessibility due to ransomware?

<p>Files or systems becoming inaccessible with payment demands (A)</p> Signup and view all the answers

What could indicate potential security issues based on log generation timing?

<p>Logs created at odd hours without activity (A)</p> Signup and view all the answers

What might a noticeable spike in resource consumption indicate?

<p>Potential malware activity (C)</p> Signup and view all the answers

What does a sudden increase in blocked content alerts suggest?

<p>Possible malicious activity or threats (A)</p> Signup and view all the answers

Which sign might indicate an unauthorized access attempt regarding concurrent sessions?

<p>Multiple sessions from several geographic locations (C)</p> Signup and view all the answers

What does the presence of missing logs during a review typically indicate?

<p>Potential unauthorized log clearing or access issues (D)</p> Signup and view all the answers

What is the primary function of a stage one dropper or downloader in malware exploitation?

<p>To retrieve additional portions of the malware code. (C)</p> Signup and view all the answers

How do modern fileless malware techniques primarily avoid detection?

<p>By operating primarily in the system memory. (B)</p> Signup and view all the answers

What do threat actors aim to achieve during the 'Actions on Objectives' phase?

<p>To meet core objectives like data exfiltration. (C)</p> Signup and view all the answers

Which of the following best describes a 'Dropper' in malware context?

<p>Malware type that retrieves and executes other malware. (B)</p> Signup and view all the answers

What does the term 'living off the land' refer to in the context of advanced persistent threats?

<p>Exploiting standard tools to conduct intrusions. (B)</p> Signup and view all the answers

What technique is primarily used by threat actors to prolong unauthorized system access?

<p>Erasing log files and hiding tracks. (C)</p> Signup and view all the answers

What is the key role of a Stage 2 Downloader in malware exploitation?

<p>To install a Remote Access Trojan for control. (B)</p> Signup and view all the answers

Which of the following describes 'shellcode' in malware terms?

<p>Lightweight code meant to exploit a given target. (D)</p> Signup and view all the answers

Which method is NOT a way to remove bloatware from a system?

<p>Running a malware scan for security threats. (B)</p> Signup and view all the answers

What is a common indication of malware attacks?

<p>Unexpected software installations. (B)</p> Signup and view all the answers

Flashcards are hidden until you start studying

Related Documents

A Section 6 - Malware.pdf

More Like This

Understanding Ransomware Transmission
1 questions
Increase in Ransomware Demands
33 questions
Ransomware Attacks and Consequences
5 questions
Ransomware: Understanding the Threat
10 questions
Use Quizgecko on...
Browser
Browser