



Definitions and explanations of various types of malware, including viruses, worms, trojans, ransomware, spyware, and adware. It also covers attack vectors, prevention methods, and malware removal techniques. The content is suitable for introductory cybersecurity courses or those seeking a basic understanding of malware threats. It includes a glossary of terms and answers to common cybersecurity questions.
Typology: Exams




Malware - software designed to infect a computer system and possibly damage it without the user's knowledge or approval
Virus - code that is activated in a computer without the user's knowledge; it infects the computer when the code is accessed and executed (Love Bug virus)
Worm - similar to a virus except that it replicates itself, whereas a virus does not (Nimda, propagated by network shares and mass mailing)
Trojan Horse - appears to carry out desirable functions while in reality it carries out malicious functions in the background (remote access trojan, PlugX)
Remote Access Trojan (RAT) - enables an attacker to have higher administration privileges than those of the owner of the system; most common type of Trojan
Ransomware - a type of malware which, after compromising a computer system, restricts access to that system and demands that a ransom be paid. Also known as cryptomalware; it can encrypt or lock the files and/or system and is usually propagated via a Trojan (CryptoLocker)
Spyware - malicious software either unwittingly downloaded from a website or installed with some other third-party software. Usually, collection of information without consent is involved. Example: Internet Optimizer-DyFuCA
Adware - usually falls under spyware as well, because it pops up advertisements according to what it has 'learned' from its spying on the user
Grayware - describes applications that are behaving improperly but without serious consequences
Rootkit - a type of software designed to gain administrator-level control over a computer system without being detected (boot loader rootkits, evil maid attack, Alureon)
Spam - the abuse of electronic messaging systems such as e-mail, texting, social media, broadcast media, instant messaging, and so on; identity theft e-mails (phishing); lottery scam e-mails
Threat Vector - the method that a threat uses to access a target
Attack Vector - the means by which an attacker gains access to a computer in order to deliver malicious software; most common is via software
Typosquatting - happens when a user attempting to reach a website types an incorrect domain name by mistake and is sent to an altogether unwanted website that is malicious in nature
Botnet - malware spread on the internet by a group of compromised computers
Zombie - the individual compromised computers in the botnet
Active Interception - typically involves the use of a computer placed between sender and receiver to intercept and potentially modify information
Privilege Escalation - the process of exploiting a bug or design flaw in a software or firmware application in order to gain control over resources that normally would have been protected from an application or user
Encrypted - uses a simple cipher to encrypt itself; the virus consists of an encrypted copy of the virus code (to help avoid detection) and a small decryption module
Polymorphic - an enhancement of the concept of an encrypted virus where the decrypting module is changed with each infection; it can change every time it is executed in an attempt to avoid antivirus detection
Metamorphic - similar to polymorphic but completely rewrites itself each time it is about to infect another file, in a further attempt to avoid detection
Stealth - uses various techniques that prevent its detection by antivirus programs
Armored - protects itself from being detected by an antivirus program by misleading the program into thinking that it lies somewhere other than where it really is; in other words, it wears a kind of armor that it can use against whoever tries to analyze it
Multipartite - a combination of boot and program viruses; it first attacks either the boot sector or system files and then proceeds to attack the other system files
Malware Removal -
1. Symptoms of malware are recognized
a. Anti-malware software is updated
b. Use scan and removal techniques, for example Safe Mode and preinstallation environments (in Windows)
Prevention method: Virus -
- run and update antivirus software
- periodically scan the entire system
- update the operating system
- use a firewall
Prevention method: Worm -
- run and update antivirus software
- scan the entire system periodically
Prevention method: Trojan Horse -
- run and update antivirus software
- scan the entire system periodically
- run a periodic Trojan scan
Prevention technique: Spyware -
- run and update anti-spyware
- scan the system on a periodic basis
- web browser settings modification
- technologies that discourage the installation of spyware
Prevention technique: Rootkit -
- run and update antivirus
- usage of rootkit detector programs
Prevention technique: Spam -
- spam filter
- whitelists and blacklists configuration
- open mail relays closure
- training of users