Types of Malware and Cybersecurity Threats

Questions and Answers

What is the term for malicious code that captures information like web browsing habits and usernames?

• Ransomware
• Spyware (correct)
• Trojan
• Worm

What is the term for a person who creates and uses malware to gain unauthorized access to information?

• Hacker (correct)
• Developer
• Perpetrator
• Organization

What type of security protects physical objects or areas from unauthorized access and misuse?

• Network security
• Information security
• Operations security
• Physical security (correct)

How do malware that infect computers through files often spread?

All of the above (D)

What is the term for a part of multiple layers of security that protects the details of a particular operation or series of activities?

Operations security (B)

Which of the following is NOT a component of information security?

Operations security (C)

What type of malware is designed to record every keystroke made on a computer?

Keyloggers (C)

What is the primary goal of information security?

To protect confidentiality of information assets (A)

What is the term for the protection of information assets from unauthorized access or disclosure?

Confidentiality (D)

What is the term for the process of identifying, estimating, and prioritizing risks to organizational operations?

Risk assessment (D)

What type of malware is typically spread through email attachments?

Malware through spam emails (B)

What is the term for the unauthorized access or use of information assets?

Access (A)

Flashcards are hidden until you start studying

Study Notes

Types of Malware

• Malware consists of segments of code that perform malicious actions
• Types of malware include: Virus, Worm, Spyware, Trojan, Ransomware, and Bot

Security Layers

• Multiple layers of security include: Physical security, Personnel security, Network security, and Information security
• These layers protect objects, areas, or individuals from unauthorized access and misuse

Information Security

• Information security is the protection of information assets that use, store, or transmit information
• It involves the application of policy, education, and technology to protect confidentiality, integrity, and availability of information assets

Security Risks

• Risk assessment is the process of identifying, estimating, and prioritizing risks to organizational operations
• Risk analysis is the determination of the extent to which an organization's information assets are exposed or at risk

Threats and Attacks

• A threat is a category of objects, persons, or other entities that presents a danger to an asset
• An attack is an intentional or unintentional act that can cause damage to information and the systems that support it

Preventing Malware

• Ways to prevent malware infections include:
  • Regularly updating software
  • Avoiding file sharing services and BitTorrent
  • Being cautious with removable media
  • Avoiding spam emails

Key Concepts

• Confidentiality is the protection of information from disclosure or exposure to unauthorized individuals or systems
• Availability is the ability of authorized users to access information without interference or obstruction
• Keyloggers are a type of surveillance software that records every keystroke made to a log file, usually encrypted