Malware that is unleashed when you execute a program: Virus Worm Rootkit Trojan Horse. Which virus type would be operating system and browser-based: Boot Sector Virus Program Virus Script Virus Macro Virus. Threat that is hidden on the kernel mainly for the purpose of compromising the system: Rootkit Spam Trojan Logic Bomb. Type of threat that triggers on a specific condition or event and causes devastating loss: Logic bomb Spyware Rootkit Virus. Type of malware that monitors your browsing habits or logs your keystrokes and sends back to a central server: Spyware Trojan Horse Rootkit Logic Bomb. Type of malware that self-replicates without human intervention and uses the network as a transmission medium: Worm Logic bomb Rootkit Virus. What kind of malware is this?
• Software that pretends to be something else
• Replicating isn’t the primary requirement
• Circumvents your existing security because you ran it yourself. A network of zombies is called:. What kind of malware is this:
• The bad guys want your money
• They’ll take your data in the meantime
• Locks your computer “by the police”
• A security professional can remove these kinds of malware. What kind of malware is always changing itself to avoid signature detection?. Malware where the goal is to make it as painful as possible to identify and block. Often obfuscated with unnecessary and
nonsense code. Attacks:
What type of attack would use spoofing and ARP poisoning? Man in the Middle DDoS Replay Phishing. ARP has no security built in. True False. Attacks - what does this describe?
• Take advantage of a design failure or vulnerability to cause a system to be unavailable
• Can create a smokescreen for some other exploit
• May be a precursor to a DNS spoofing attack
• Not usually a very complicated attack. Attacks:
Network attack in which an attacker detects a data transmission and fraudulently has it delayed or repeated. Attacks:
In what kind of attack would a Network Tap is used to access to the raw network data?. In Man-in-the-middle attacks, the person in the middle of the conversation pretends to be both endpoints. What is this an example of?. Send a fake response to a valid DNS request.
What is this describing?. What type of security threat or attack would harvest large groups of people to collect access credentials?. What would a malicious link sent to you over IM be?. Stopping spam: White list Black list. The email claims that the user’s password is about to expire. Instructions are given to go to myuniversity.edu/renewal to renew their password within 24 hours.
What is this an example of?. Threat actor targets a specific individual tricking them into activating malware that gives the criminal access into their companies’ environments or to their personal information.
What is this an example of? . An attack where packets that require much more processing by routers and end-hosts than the "usual" packets do are sent out.
What is this kind of attack called?. There is a vulnerability in the system that allows Joe, a user, to gain system administrator access.
What kind of vulnerability is this?. Line these up: Insider Threat Transitive Attack Client-side Attack. Attacking passwords:
Use common words as passwords - go through them all to find a way in. Attacking passwords:
Go through every single combination of word to find the way in. Attacks:
Determine which website the victim group uses and infect that site. It infects all visitors, even if you're just looking for specific victims. Attacks:
What type of attack would take advantage of misspellings or typing errors?. The system administrator is reviewing the following logs from the company web server:
12:34:56 GET /directory_listing.php?user=admin&pass=admin1
12:34:57 GET /directory_listing.php?user=admin&pass=admin2
12:34:58 GET /directory_listing.php?user=admin&pass=1admin
12:34:59 GET /directory_listing.php?user=admin&pass=2admin
Which of the following is this an example of? Online rainbow table attack Offline brute force attack Offline dictionary attack Online hybrid attack.
