What is a computer virus?
- Self-replicates
- Spreads rapidly
- May or may not have a malicious payload
Viruses can propagate through various methods, including network connections and email.
How does a virus typically spread?
- Finds a network connection and copies itself to other hosts
- Mails itself to everyone in the host’s address book
The first method requires programming skill, while the second requires less.
What is the primary reason for the commonality of e-mail propagation of viruses?
Microsoft Outlook is easy to work with
Just five lines of code can cause Outlook to send e-mails covertly.
Name the types of viruses mentioned.
- Macro
- Boot Sector
- Multi-Partite
- Armored
- Memory Resident
- Sparse Infector
- Polymorphic
Each type has distinct characteristics and methods of infection.
What is ransomware?
Malware that encrypts files and demands payment for decryption
Examples include CryptoLocker and CryptoWall.
True or false: Trojan horses are programs that look benign but can be harmful.
TRUE
They can download harmful software, install key loggers, or open back doors for hackers.
What are the forms of spyware mentioned?
- Key loggers
- Screen Capture
Spyware can be used legally for monitoring or illegally for covert deployment.
What is a buffer overflow attack?
An attack that exploits a program’s vulnerability by overflowing its buffer
This can lead to unauthorized access or system crashes.
What is an Advanced Persistent Threat (APT)?
Advanced techniques used over a significant period of time
APTs are not typically executed by script kiddies.
How does antivirus software operate?
- Scans for virus signatures
- Keeps the signature file updated
- Watches the behavior of executables
This includes monitoring attempts to access the email address book or change Registry settings.
What are some examples of malware mentioned?
- WannaCry
- Petya
- Shamoon
These are notable examples of viruses that have caused significant damage.
What should you do to avoid viruses?
- Use a virus scanner
- DO NOT open questionable attachments
- Use a code word for safe attachments from friends
- Do not believe ‘Security Alerts’
Following these rules can help protect against virus infections.
What is a rootkit?
A collection of hacking tools that can monitor traffic and keystrokes
Rootkits can create backdoors and alter log files to avoid detection.
What is a logic bomb?
Malware that goes off on a specific condition
This condition can be a date or other criteria.
Define macro virus.
A virus that infects documents and uses macros to spread.
True or false: Boot sector viruses infect the operating system’s boot process.
TRUE
They are activated when the computer starts up.
What is a multipartite virus?
A virus that can infect multiple parts of a system, such as files and boot sectors.
Fill in the blank: An armored virus is designed to ______ detection.
evade
Define memory-resident virus.
A virus that embeds itself in the system’s memory, allowing it to execute whenever the computer is running.
True or false: Sparse infectors only infect files under certain conditions.
TRUE
They selectively infect files to avoid detection.
What is a polymorphic virus?
A virus that changes its code each time it infects a new file to avoid detection.
Fill in the blank: A macro virus primarily targets ______ applications.
office
True or false: Boot sector viruses can spread through removable media.
TRUE
They often spread via USB drives.
Define sparse infector.
A virus that infects files intermittently, reducing the chance of detection.
-
1. Intro48
-
2. Networks and the Internet64
-
3. Cyber Stalking, Fraud, Abuse22
-
4. Denial of Service Attacks34
-
5. Malware29
-
6. Techniques Used by Hackers18
-
7. Industrial Espionage in Cyberspace15
-
8. Encryption16
-
9. Security Technology16
-
10. Security Policies13
-
11. Network and Vulnerability Scanning11
-
12. Cyber Terrorism and Information Warfare15
-
Solar Winds/Stuxnet30
-
Bangladesh Bank Heist16
