CMPT 280 MALWARE EXAM WITH COMPLETE SOLUTIONS 100% VERIFIED
malware - Answer software that is intended to damage or disable computers and
computer systems.
propagation mechanisms - Answer infection of existing content, exploit of software
vulnerabilities, social engineering attacks.
Payload actions performed by malware once it reaches a target system can include: -
Answer corruption of system of data files, stealthing, theft of service, info, or keylogging
Advanced Persistent Threat (APT) - Answer a sophisticated, possibly long-running
computer hack that is perpetrated by large, well-funded organizations such as
governments. Use social engineering, spear-phising emails, and drive-by downloads.
Viruses - Answer piece of software that infects a program. modifies them to include
copy of that virus, replicates to infect other content, and spreads through network
environments.
Virus components - Answer infection mechanism, trigger, payload
virus phases - Answer dormant (some), triggering, propagation, execution
virus classifications by target - Answer Boot sector infector, File infector, Macro virus,
Multipartite virus
Boot sector infector - Answer Infects a master boot record or boot record and spreads
when a system is booted from the disk containing the virus
file infector - Answer infects files considered to be executable
, macro virus - Answer Infects files with macro or scripting code that is interpreted by an
application
multipartite virus - Answer infects files in multiple ways
virus classification by concealment strategy - Answer Encrypted virus, Stealth virus,
Polymorphic virus, Metamorphic virus
encrypted virus - Answer A portion of the virus creates a random encryption key and
encrypts the remainder of the virus
stealth virus - Answer A virus that attempts to avoid detection by masking itself from
applications.
polymorphic virus - Answer mutates with every infection
metamorphic virus - Answer Virus that is able to rewrite itself entirely before it attempts
to infect a file (advanced version of polymorphic virus)
worms - Answer destructive programs that replicate themselves without requiring
another program to provide a safe environment for replication
worm replicatioin - Answer email or instant messaging, file sharing, remote execution
capability, remote login capability, remote file access or transfer capability
Worm Target Discovery - Answer searches for other systems to infect
(fingerprinting/scanning), and compiles a list of potential vulnerable machines. each
infect machine is provided with a portion of the list
mobile code - Answer Software that is transmitted across the network from a remote
malware - Answer software that is intended to damage or disable computers and
computer systems.
propagation mechanisms - Answer infection of existing content, exploit of software
vulnerabilities, social engineering attacks.
Payload actions performed by malware once it reaches a target system can include: -
Answer corruption of system of data files, stealthing, theft of service, info, or keylogging
Advanced Persistent Threat (APT) - Answer a sophisticated, possibly long-running
computer hack that is perpetrated by large, well-funded organizations such as
governments. Use social engineering, spear-phising emails, and drive-by downloads.
Viruses - Answer piece of software that infects a program. modifies them to include
copy of that virus, replicates to infect other content, and spreads through network
environments.
Virus components - Answer infection mechanism, trigger, payload
virus phases - Answer dormant (some), triggering, propagation, execution
virus classifications by target - Answer Boot sector infector, File infector, Macro virus,
Multipartite virus
Boot sector infector - Answer Infects a master boot record or boot record and spreads
when a system is booted from the disk containing the virus
file infector - Answer infects files considered to be executable
, macro virus - Answer Infects files with macro or scripting code that is interpreted by an
application
multipartite virus - Answer infects files in multiple ways
virus classification by concealment strategy - Answer Encrypted virus, Stealth virus,
Polymorphic virus, Metamorphic virus
encrypted virus - Answer A portion of the virus creates a random encryption key and
encrypts the remainder of the virus
stealth virus - Answer A virus that attempts to avoid detection by masking itself from
applications.
polymorphic virus - Answer mutates with every infection
metamorphic virus - Answer Virus that is able to rewrite itself entirely before it attempts
to infect a file (advanced version of polymorphic virus)
worms - Answer destructive programs that replicate themselves without requiring
another program to provide a safe environment for replication
worm replicatioin - Answer email or instant messaging, file sharing, remote execution
capability, remote login capability, remote file access or transfer capability
Worm Target Discovery - Answer searches for other systems to infect
(fingerprinting/scanning), and compiles a list of potential vulnerable machines. each
infect machine is provided with a portion of the list
mobile code - Answer Software that is transmitted across the network from a remote