39 Cards in this Set

  • Front
  • Back

is software that enters a computer system without the user’s knowledge or consent and then performs an unwanted and usually harmful action. Uses a threat vector to deliver a malicious “payload” that performs a harmful function once it is invoked.

Malware

Three types of mutating software:
Oligomorphic malware

Polymorphic malware


Metamorphic malware

changes its internal code to one of a set number of predefined mutations whenever it is executed.
Oligomorphic malware:
code that completely changes from its original form whenever it is executed.
Polymorphic malware:
can actually rewrite its own code thus appears different each time it is executed.
Metamorphic malware:
One method of classifying the various types of malware is by using the primary trait that the malware possesses. These traits are:

Circulation


Infection


Concealment


Payload Capabilities

Some malware has as its primary trait spreading rapidly to other systems in order to impact a large number of users.

Circulation

Once the malware reaches a system through circulation, it must “infect” or embed itself into that system.

Infection

the act of malware trying to avoid detection by concealing itself; other malware can embed itself within existing processes or modify the underlying host operating system.

Concealment

When payload capabilities are the primary focus of malware, the focus is on what nefarious actions the malware performs (e.g., does it steal passwords, delete programs, etc.).
Payload capabilities
an agent that reproduces inside a cell.
Biological Virus:
Three types of malware that have primary traits of circulation and/or infection are:
Viruses

Trojans


Worms

malicious computer code that, like its biological counterpart, reproduces itself on the same computer. A virus replicates itself (or an evolved copy of itself) without any human intervention.
Computer virus (virus):
a virus that infects an executable program file.

when the program is launched the virus is “activated”

Program Virus

One of the most common data file viruses that is written in a script is known as
Macro virus

a series of instructions that can be grouped together as a single command

Macro

can be written by using a macro language such as Visual Basic for Applications (VBA), and are stored within the user document (.XLSX and .Doc)

Macro

How many different Microsoft Windows file types can be infected with a virus?

70

a virus that first attaches or appends itself to the end of the infected file. It then inserts at the beginning of the file a "jump" instruction that points to the end of the file, which is the beginning of the virus code.

appender infection

a virus that goes to great lengths to avoid detection is called an

armored virus

Some of the armored virus infection techniques include

Swiss cheese infection


Split infection

instead of having a single "jump" instruction to the "plain" virus code, some armored viruses perform two actions to make detection more difficult.

Swiss cheese infection

instead of inserting pieces of the decryption engine throughout the program code, some viruses split the malicious code itself into several parts (along with the main body of code), and then these parts are placed at random positions through the program code.

Split infection

each time an infected program is launched or the file is opened, either by the user or by the computer's operating system, the virus performs two actions:

1. Unloads a payload to perform a malicious action

2. Reproduces itself by inserting its code into another file on the same computer.

a _______ can only replicate itself on the host computer on which it is located; it cannot automatically spread to another computer by itself.

virus

viruses have two carriers

1. A file to which it attaches

2. A human to transport it to other computers

a malicious program that uses a computer network to replicate (sometimes called a network virus)

worm

designed to enter a computer through a network and then take advantage of a vulnerability in an application or an operating system on the host computer

worm

once the ______ has exploited the vulnerability on one system, it immediately searches for another computer on the network that has the same vulnerability

worm

today _____ can leave behind a payload on systems they infect and cause harm, much like a virus (ex. deleting files on a computer or allowing the computer to be remotely controlled by an attacker)

worm

will self replicate between computers (from one computer to another)

Worm

will self-replicate on the host computer but not to other computers

Virus

an executable program that masquerades as performing a benign activity but also does something malicious

Trojan horse (Trojan)

unlike a virus that infects a system without the user's knowledge or consent, a _____ program is installed on the computer system with the user's knowledge. What the _____ conceals is its malicious payload.

Trojan

a set of software tools used to hide the actions or presence of other types of software (also hide or remove all traces of evidence that reveal the malware, such as log entries)

rootkit

primary payload capabilities are to collect data, delete data, modify system security settings, and launch attacks

payload capabilities

used to describe software that secretly spies on users by collecting information without their consent

Spyware

one type of nefarious software is a _____ that silently captures and stores each keystroke that a user types on the computer's keyboard (can be a small device or software program)

Keylogger

this embeds itself into a computer so that the message cannot be closed and rebooting the computer has no effect

Ransomware