Malware

Question 1

What is malware?

Answer 1

Malicious software designed to infiltrate computer systems and potentially damage them without user consent

Malware includes various types such as viruses, worms, and ransomware.

Question 2

Name the categories of malware.

Answer 2

• Viruses
• Worms
• Trojans
• Ransomware
• Spyware
• Rootkits
• Spam

Each category has distinct characteristics and methods of operation.

Question 3

What is the difference between Threat Vector and Attack Vector?

Answer 3

• Threat Vector: Method used to infiltrate a victim’s machine
• Attack Vector: Means by which the attacker gains access and infects the system

Attack vectors combine both the infiltration method and the infection process.

Question 4

What are the types of malware attacks?

Answer 4

• Viruses
• Worms
• Trojans
• Ransomware
• Zombies and Botnets
• Rootkits
• Backdoors and Logic Bombs
• Keyloggers
• Spyware and Bloatware

Each type has unique methods and impacts on systems.

Question 5

What are some indications of a malware attack?

Answer 5

• Account lockouts
• Concurrent session utilization
• Blocked content
• Impossible travel
• Resource consumption
• Inaccessibility
• Out-of-cycle logging
• Missing logs
• Documented attacks

Recognizing these signs can help in early detection of malware.

Question 6

What is a computer virus?

Answer 6

Made up of malicious code that’s run on a machine without the user’s knowledge

This allows the code to infect the computer whenever it has been run.

Question 7

Name 10 different types of viruses.

Answer 7

• Boot Sector
• Macro
• Program
• Multipartite
• Encrypted
• Polymorphic
• Metamorphic
• Stealth
• Armored
• Hoax

Each type has specific characteristics and methods of infection.

Question 8

What is a worm?

Answer 8

Piece of malicious software that can replicate itself without any user interaction

Worms can spread throughout a network without user consent.

Question 9

What is a Trojan?

Answer 9

Malicious software disguised as harmless software

Trojans often claim to perform a needed function while granting unauthorized access.

Question 10

What is ransomware?

Answer 10

Malicious software designed to block access to a computer system or its data by encrypting it until a ransom is paid

Regular backups and security awareness training can help protect against ransomware.

Question 11

What is a botnet?

Answer 11

Network of compromised computers or devices controlled remotely by malicious actors

Botnets are often used for illegal activities, including DDoS attacks.

Question 12

What is a rootkit?

Answer 12

Designed to gain administrative level control over a computer system without being detected

Rootkits can hide their presence and activities, making them difficult to detect.

Question 13

What is a backdoor?

Answer 13

Originally placed in computer programs to bypass normal security and authentication functions

Backdoors can be used by threat actors to maintain persistent access to systems.

Question 14

What is a keylogger?

Answer 14

Records every single keystroke made on a computer or mobile device

Keyloggers can be software-based or hardware-based.

Question 15

What is spyware?

Answer 15

Malicious software designed to gather and send information about a user or organization without their knowledge

Spyware can be installed through various methods, including bundled software.

Question 16

What is bloatware?

Answer 16

Software that comes pre-installed on a new computer or smartphone that the user did not specifically request

Bloatware can waste storage space and slow down device performance.

Question 17

What is a malware exploitation technique?

Answer 17

Specific method by which malware code penetrates and infects a targeted system

Modern malware often uses fileless techniques to avoid detection.

Question 18

What is a Stage 1 Dropper or Downloader?

Answer 18

Piece of malware created as a lightweight shellcode that can be executed on a given system

Its primary function is to retrieve additional portions of malware code.

Question 19

What are the 9 common indicators of malware attacks?

Answer 19

• Account Lockouts
• Concurrent Session Utilization
• Blocked Content
• Impossible Travel
• Resource Consumption
• Resource Inaccessibility
• Out-of-Cycle Logging
• Missing Logs
• Published or Documented Attacks

Monitoring these indicators can help in identifying potential malware infections.