CompTIA Security+ SY0-701| Question
Bank 2024/2025| Verified Solutions
**Ransomware**
A type of malware that encrypts files on a victim's system, rendering them inaccessible until a
ransom is paid for the decryption key.
Ransomware often spreads through phishing emails or malicious downloads.
**Spyware**
Software that secretly monitors and collects user data without their consent, often used for
advertising purposes or identity theft.
Spyware can track keystrokes, browsing habits, and personal information.
**Adware**
A form of unwanted software that displays advertisements on a user's computer, often bundled
with free software.
While not always malicious, adware can slow down system performance and invade user
privacy.
**Keylogger**
A type of surveillance software that records every keystroke made by a user to capture sensitive
information such as passwords and credit card numbers.
Keyloggers can be used maliciously to steal credentials and sensitive data.
1
,**Rootkit**
A collection of software tools that allow unauthorized users to gain control of a computer system
while remaining undetected.
Rootkits can modify system files and processes to hide their presence.
**Botnet**
A network of compromised computers controlled by a single attacker to perform automated
tasks, often used for distributed denial-of-service (DDoS) attacks.
Botnets can be used to execute large-scale attacks or send spam emails.
**Logic Bomb**
A piece of code intentionally inserted into software that triggers a malicious action when specific
conditions are met.
Logic bombs can be difficult to detect until activated.
**Backdoor**
A method of bypassing normal authentication to gain unauthorized access to a system, often left
by malware or a compromised application.
Backdoors can be used by attackers to regain access after the initial intrusion has been
removed.
**Phishing**
2
, A social engineering technique used to deceive individuals into providing sensitive information,
often via fraudulent emails or websites.
Phishing attacks can lead to identity theft and financial loss.
**Denial of Service (DoS) Attack**
An attack designed to overwhelm a service or network resource, rendering it unavailable to
legitimate users.
DoS attacks can disrupt operations and lead to financial losses for organizations.
**Social Engineering**
A manipulation technique that exploits human psychology to gain confidential information or
access to secure systems.
Social engineering tactics often include phishing, pretexting, and baiting.
**Malware**
A general term for any software intentionally designed to cause damage to a computer, server,
client, or computer network.
Malware can include viruses, worms, Trojans, ransomware, and spyware.
**Virus**
A type of malware that attaches itself to a legitimate program or file and spreads to other
programs or files when executed.
Unlike worms, viruses require user interaction to propagate.
3
Bank 2024/2025| Verified Solutions
**Ransomware**
A type of malware that encrypts files on a victim's system, rendering them inaccessible until a
ransom is paid for the decryption key.
Ransomware often spreads through phishing emails or malicious downloads.
**Spyware**
Software that secretly monitors and collects user data without their consent, often used for
advertising purposes or identity theft.
Spyware can track keystrokes, browsing habits, and personal information.
**Adware**
A form of unwanted software that displays advertisements on a user's computer, often bundled
with free software.
While not always malicious, adware can slow down system performance and invade user
privacy.
**Keylogger**
A type of surveillance software that records every keystroke made by a user to capture sensitive
information such as passwords and credit card numbers.
Keyloggers can be used maliciously to steal credentials and sensitive data.
1
,**Rootkit**
A collection of software tools that allow unauthorized users to gain control of a computer system
while remaining undetected.
Rootkits can modify system files and processes to hide their presence.
**Botnet**
A network of compromised computers controlled by a single attacker to perform automated
tasks, often used for distributed denial-of-service (DDoS) attacks.
Botnets can be used to execute large-scale attacks or send spam emails.
**Logic Bomb**
A piece of code intentionally inserted into software that triggers a malicious action when specific
conditions are met.
Logic bombs can be difficult to detect until activated.
**Backdoor**
A method of bypassing normal authentication to gain unauthorized access to a system, often left
by malware or a compromised application.
Backdoors can be used by attackers to regain access after the initial intrusion has been
removed.
**Phishing**
2
, A social engineering technique used to deceive individuals into providing sensitive information,
often via fraudulent emails or websites.
Phishing attacks can lead to identity theft and financial loss.
**Denial of Service (DoS) Attack**
An attack designed to overwhelm a service or network resource, rendering it unavailable to
legitimate users.
DoS attacks can disrupt operations and lead to financial losses for organizations.
**Social Engineering**
A manipulation technique that exploits human psychology to gain confidential information or
access to secure systems.
Social engineering tactics often include phishing, pretexting, and baiting.
**Malware**
A general term for any software intentionally designed to cause damage to a computer, server,
client, or computer network.
Malware can include viruses, worms, Trojans, ransomware, and spyware.
**Virus**
A type of malware that attaches itself to a legitimate program or file and spreads to other
programs or files when executed.
Unlike worms, viruses require user interaction to propagate.
3
