What is Malware?
Malicious software installed without user knowledge to disrupt computers or collect data
Malware can take various forms, including viruses, worms, and Trojans.
Define Trojan Horse.
A program that appears useful but secretly carries malicious code
Trojans often trick users into installing them by masquerading as legitimate software.
What is Ransomware?
Malware that encrypts a user’s files and demands payment for the decryption key
Ransomware attacks can lead to significant data loss and financial damage.
What is a Rootkit?
A difficult-to-detect program used by cybercriminals to gain administrative-level access to a computer
Rootkits can hide their presence and the presence of other malicious software.
Define Worm.
A self-replicating program that spreads automatically across networks by exploiting software vulnerabilities
Worms can cause widespread damage by consuming bandwidth and resources.
What does Denial of Service (DoS) mean?
An attack that overwhelms a target device with false requests to block legitimate users
DoS attacks can disrupt services and cause significant downtime.
What is a Zero-Day?
The day an unknown vulnerability is discovered by a vendor, before a patch is created
Zero-day vulnerabilities are highly sought after by attackers.
Define Phishing.
A social engineering attack using fraudulent emails disguised as being from a trusted source
Phishing aims to trick individuals into revealing sensitive information.
What is a Mantrap?
A high-security physical measure consisting of a small room with two doors to prevent unauthorized entry or tailgating
Mantraps enhance security by controlling access to sensitive areas.
What is the Principle of Least Privilege?
A security rule where users are only granted the minimum access needed for their specific tasks
This principle helps reduce the risk of unauthorized access and data breaches.
Define Trusted Platform Module (TPM).
A specialized chip on a motherboard that stores encryption keys and digital certificates
TPMs enhance security by providing hardware-based protection for sensitive data.
What is the main difference between a virus and a worm?
A virus requires human action to propagate, while a worm is self-replicating and spreads automatically.
This distinction is crucial for understanding malware behavior.
Which Windows tool is used to enforce password requirements on a stand-alone computer?
The Local Security Policy tool (secpol.msc).
This tool allows administrators to set security policies for user accounts.
What is a Mirror site in the context of anti-malware software?
A secondary download site used to distribute update files and prevent the manufacturer’s main website from becoming overwhelmed.
Mirror sites help maintain availability during high traffic.
How does a Man-in-the-Middle attack work?
An attacker intercepts communication between two hosts to monitor or alter the data being exchanged.
This type of attack can compromise sensitive information.
What is Tailgating in social engineering?
When an attacker follows an authorized person into a secure area without using their own credentials.
This tactic exploits trust to bypass physical security measures.
What is the purpose of BitLocker?
It is a Windows feature used to encrypt an entire hard drive to protect data from theft.
BitLocker helps secure sensitive information on devices.
Why should system restore points be deleted after cleaning a malware infection?
Because those restore points might contain infected files that could re-infect the system later.
This is a critical step in ensuring complete malware removal.
What is InPrivate browsing?
A browser mode that temporarily stores files and cookies but deletes them once the session ends.
This mode enhances privacy during web browsing.
What is the difference between Symmetric and Asymmetric encryption?
Symmetric uses one identical key for both encryption and decryption, while Asymmetric uses a public key to encrypt and a private key to decrypt.
Understanding these encryption types is essential for secure communications.
What is Degaussing and is it effective for SSDs?
It is the use of magnets to erase magnetic media; it is not effective for SSDs, which use flash memory.
Degaussing is primarily relevant for traditional hard drives.
What is DNS Poisoning?
An attack where a host is tricked into accepting false DNS records that point to malicious servers.
This can redirect users to harmful websites without their knowledge.