CPSC 4200 Exam 2 With Correct
Responces
Chapter nn6 nn- nnMalware
What nnare nnthree nnbroad nnmechanisms nnthat nnmalware nncan nnuse nnto nnpropagate?
nn- nnCORRECT✅✅infection nnof nnexisting nnexecutable nnor nninterpreted nncontent nnby
nnviruses nnthat nnis nnsubsequently nnspread nnto nnother nnsystems;
exploit nnof nnsoftware nnvulnerabilities nneither nnlocally nnor nnover nna nnnetwork nnby
nnworms nnor nndrive-by-downloads nnto nnallow nnthe nnmalware nnto nnreplicate; nnand
social nnengineering nnattacks nnthat nnconvince nnusers nnto nnbypass nnsecurity
nnmechanisms nnto nninstall nntrojans, nnor nnto nnrespond nnto nnphishing nnattacks.
What nnare nnfour nnbroad nncategories nnof nnpayloads nnthat nnmalware nnmay nncarry? nn-
nnCORRECT✅✅corruption nnof nnsystem nnor nndata nnfiles;
theft nnof nnservice nnin nnorder nnto nnmake nnthe nnsystem nna nnzombie nnagent nnof nnattack
nnas nnpart nnof nna nnbotnet;
theft nnof nninformation nnfrom nnthe nnsystem, nnespecially nnof nnlogins, nnpasswords nnor
nnother nnpersonal nndetails nnby nnkeylogging nnor nnspyware nnprograms; nnand
stealthing nnwhere nnthe nnmalware nnhides nnit nnpresence nnon nnthe nnsystem nnfrom
nnattempts nnto nndetect nnand nnblock nnit.
What nnare nntypical nnphases nnof nnoperation nnof nna nnvirus nnor nnworm? nn-
nnCORRECT✅✅a nndormant nnphase nn(when nnthe nnvirus nnis nnidle),
a nnpropagation nnphase nn(where nnit nnmakes nncopies nnof nnitself nnelsewhere),
nna nntriggering nnphase nn(when nnactivated), nnand
an nnexecution nnphase nn(to nnperform nnsome nntarget nnfunction).
What nnmechanisms nncan nna nnvirus nnuse nnto nnconceal nnitself? nn-
nnCORRECT✅✅Some nnmechanisms nna nnvirus nncan nnuse nnto nnconceal nnitself
nninclude: nnencryption, nnstealth, nnpolymorphism, nnmetamorphism.
What nnis nna nn"drive-by-download" nnand nnhow nndoes nnit nndiffer nnfrom nna nnworm? nn-
nnCORRECT✅✅A nn"drive-by-download" nnexploits nnbrowser nnvulnerabilities nnso
nnthat nnwhen nnthe nnuser nnviews nna nnweb nnpage nncontrolled nnby nnthe nnattacker, nnit
nncontains nncode nnthat nnexploits nnsome nnbrowser nnbug nnto nndownload nnand nninstall
nnmalware nnon nnthe nnsystem nnwithout nnthe nnuser's nnknowledge nnor nnconsent. nnIt
nndiffers nnfrom nna nnworm nnsince nnit nndoes nnnot nnactively nnpropagate nnas nna nnworm
nndoes, nnbut nnrather nnwaits nnfor nnunsuspecting nnusers nnto nnvisit nnthe nnmalicious
nnweb nnpage nnin nnorder nnto nnspread nnto nntheir nnsystems.
, What nnis nna nn"logic nnbomb"? nn- nnCORRECT✅✅A nnlogic nnbomb nnis nncode
nnembedded nnin nnthe nnmalware nnthat nnis nnset nnto nn"explode" nnwhen nncertain
nnconditions nnare nnmet, nnsuch nnas nnthe nnpresence nnor nnabsence nnof nncertain nnfiles
nnor nndevices nnon nnthe nnsystem, nna nnparticular nnday nnof nnthe nnweek nnor nndate, nna
nnparticular nnversion nnor nnconfiguration nnof nnsome nnsoftware, nnor nna nnparticular nnuser
nnrunning nnthe nnapplication. nnWhen nntriggered, nnthe nnbomb nnexecutes nnsome
nnpayload nncarried nnby nnthe nnmalware.
What nnis nnthe nndifference nnbetween nna nnbackdoor, nna nnkeylogger, nnspyware, nnand
nna nnrootkit? nn- nnCORRECT✅✅A nnbackdoor nnis nna nnsecret nnentry nnpoint nninto nna
nnprogram nnor nnsystem nnthat nnallows nnsomeone nnwho nnis nnaware nnof nnthe nnbackdoor
nnto nngain nnaccess nnwithout nngoing nnthrough nnthe nnusual nnsecurity nnaccess
nnprocedures.
A nnbot nnsubverts nnthe nncomputational nnand nnnetwork nnresources nnof nnthe nninfected
nnsystem nnfor nnuse nnby nnthe nnattacker.
A nnkeylogger nncaptures nnkeystrokes nnon nnthe nninfected nnmachine, nnto nnallow nnan
nnattacker nnto nnmonitor nnsensitive nninformation nnincluding nnlogin nnand nnpassword
nncredentials.
Spyware nnsubverts nnthe nncompromised nnmachine nnto nnallow nnmonitoring nnof nna
nnwide nnrange nnof nnactivity nnon nnthe nnsystem, nnincluding nnmonitoring nnthe nnhistory
nnand nncontent nnof nnbrowsing nnactivity, nnredirecting nncertain nnweb nnpage nnrequests
nnto nnfake nnsites nncontrolled nnby nnthe nnattacker, nndynamically nnmodifying nndata
nnexchanged nnbetween nnthe nnbrowser nnand nncertain nnweb nnsites nnof nninterest;
nnwhich nncan nnresult nnin nnsignificant nncompromise nnof nnthe nnuser's nnpersonal
nninformation.
A nnrootkit nnis nna nnset nnof nnprograms nninstalled nnon nna nnsystem nnto nnmaintain nncovert
nnaccess nnto nnthat nnsystem nnwith nnadministrator nn(or nnroot) nnprivileges, nnwhilst
nnhiding nnevidence nnof nnits nnpresence nnto nnthe nngreatest nnextent nnpossible. nnThese
nncan nnall nnbe nnpresent nnin nnthe nnsame nnmalware.
What nnis nnthe nndifference nnbetween nna nn"phishing" nnattack nnand nna nn"spear-
phishing" nnattack, nnparticularly nnin nnterms nnof nnwho nnthe nntarget nnmay nnbe? nn-
nnCORRECT✅✅A nnphishing nnattack nnuses nna nnspam nne-mail nnto nnexploit nnsocial
nnengineering nnto nnleverage nnuser's nntrust nnby nnmasquerading nnas nncommunications
nnfrom nna nntrusted nnsource, nnthat nnmay nndirect nna nnuser nnto nna nnfake nnWeb nnsite,
nnor nnto nncomplete nnsome nnenclosed nnform nnand nnreturn nnin nnan nne-mail nnaccessible
nnto nnthe nnattacker. nnA nnmore nndangerous nnvariant nnof nnthis nnis nnthe nnspear-phishing
nnattack. nnThis nnagain nnis nnan nne-mail nnclaiming nnto nnbe nnfrom nna nntrusted nnsource.
nnHowever, nnthe nnrecipients nnare nncarefully nnresearched nnby nnthe nnattacker, nnand
nneach nne-mail nnis nncarefully nncrafted nnto nnsuit nnits nnrecipient nnspecifically, nnoften
nnquoting nna nnrange nnof nninformation nnto nnconvince nnthem nnof nnits nnauthenticity.
nnThis nngreatly nnincreases nnthe nnlikelihood nnof nnthe nnrecipient nnresponding nnas
nndesired nnby nnthe nnattacker.
Describe nnsome nnmalware nncountermeasure nnelements. nn-
nnCORRECT✅✅prevention nnin nnnot nnallowing nnmalware nnto nnget nninto nnthe
Responces
Chapter nn6 nn- nnMalware
What nnare nnthree nnbroad nnmechanisms nnthat nnmalware nncan nnuse nnto nnpropagate?
nn- nnCORRECT✅✅infection nnof nnexisting nnexecutable nnor nninterpreted nncontent nnby
nnviruses nnthat nnis nnsubsequently nnspread nnto nnother nnsystems;
exploit nnof nnsoftware nnvulnerabilities nneither nnlocally nnor nnover nna nnnetwork nnby
nnworms nnor nndrive-by-downloads nnto nnallow nnthe nnmalware nnto nnreplicate; nnand
social nnengineering nnattacks nnthat nnconvince nnusers nnto nnbypass nnsecurity
nnmechanisms nnto nninstall nntrojans, nnor nnto nnrespond nnto nnphishing nnattacks.
What nnare nnfour nnbroad nncategories nnof nnpayloads nnthat nnmalware nnmay nncarry? nn-
nnCORRECT✅✅corruption nnof nnsystem nnor nndata nnfiles;
theft nnof nnservice nnin nnorder nnto nnmake nnthe nnsystem nna nnzombie nnagent nnof nnattack
nnas nnpart nnof nna nnbotnet;
theft nnof nninformation nnfrom nnthe nnsystem, nnespecially nnof nnlogins, nnpasswords nnor
nnother nnpersonal nndetails nnby nnkeylogging nnor nnspyware nnprograms; nnand
stealthing nnwhere nnthe nnmalware nnhides nnit nnpresence nnon nnthe nnsystem nnfrom
nnattempts nnto nndetect nnand nnblock nnit.
What nnare nntypical nnphases nnof nnoperation nnof nna nnvirus nnor nnworm? nn-
nnCORRECT✅✅a nndormant nnphase nn(when nnthe nnvirus nnis nnidle),
a nnpropagation nnphase nn(where nnit nnmakes nncopies nnof nnitself nnelsewhere),
nna nntriggering nnphase nn(when nnactivated), nnand
an nnexecution nnphase nn(to nnperform nnsome nntarget nnfunction).
What nnmechanisms nncan nna nnvirus nnuse nnto nnconceal nnitself? nn-
nnCORRECT✅✅Some nnmechanisms nna nnvirus nncan nnuse nnto nnconceal nnitself
nninclude: nnencryption, nnstealth, nnpolymorphism, nnmetamorphism.
What nnis nna nn"drive-by-download" nnand nnhow nndoes nnit nndiffer nnfrom nna nnworm? nn-
nnCORRECT✅✅A nn"drive-by-download" nnexploits nnbrowser nnvulnerabilities nnso
nnthat nnwhen nnthe nnuser nnviews nna nnweb nnpage nncontrolled nnby nnthe nnattacker, nnit
nncontains nncode nnthat nnexploits nnsome nnbrowser nnbug nnto nndownload nnand nninstall
nnmalware nnon nnthe nnsystem nnwithout nnthe nnuser's nnknowledge nnor nnconsent. nnIt
nndiffers nnfrom nna nnworm nnsince nnit nndoes nnnot nnactively nnpropagate nnas nna nnworm
nndoes, nnbut nnrather nnwaits nnfor nnunsuspecting nnusers nnto nnvisit nnthe nnmalicious
nnweb nnpage nnin nnorder nnto nnspread nnto nntheir nnsystems.
, What nnis nna nn"logic nnbomb"? nn- nnCORRECT✅✅A nnlogic nnbomb nnis nncode
nnembedded nnin nnthe nnmalware nnthat nnis nnset nnto nn"explode" nnwhen nncertain
nnconditions nnare nnmet, nnsuch nnas nnthe nnpresence nnor nnabsence nnof nncertain nnfiles
nnor nndevices nnon nnthe nnsystem, nna nnparticular nnday nnof nnthe nnweek nnor nndate, nna
nnparticular nnversion nnor nnconfiguration nnof nnsome nnsoftware, nnor nna nnparticular nnuser
nnrunning nnthe nnapplication. nnWhen nntriggered, nnthe nnbomb nnexecutes nnsome
nnpayload nncarried nnby nnthe nnmalware.
What nnis nnthe nndifference nnbetween nna nnbackdoor, nna nnkeylogger, nnspyware, nnand
nna nnrootkit? nn- nnCORRECT✅✅A nnbackdoor nnis nna nnsecret nnentry nnpoint nninto nna
nnprogram nnor nnsystem nnthat nnallows nnsomeone nnwho nnis nnaware nnof nnthe nnbackdoor
nnto nngain nnaccess nnwithout nngoing nnthrough nnthe nnusual nnsecurity nnaccess
nnprocedures.
A nnbot nnsubverts nnthe nncomputational nnand nnnetwork nnresources nnof nnthe nninfected
nnsystem nnfor nnuse nnby nnthe nnattacker.
A nnkeylogger nncaptures nnkeystrokes nnon nnthe nninfected nnmachine, nnto nnallow nnan
nnattacker nnto nnmonitor nnsensitive nninformation nnincluding nnlogin nnand nnpassword
nncredentials.
Spyware nnsubverts nnthe nncompromised nnmachine nnto nnallow nnmonitoring nnof nna
nnwide nnrange nnof nnactivity nnon nnthe nnsystem, nnincluding nnmonitoring nnthe nnhistory
nnand nncontent nnof nnbrowsing nnactivity, nnredirecting nncertain nnweb nnpage nnrequests
nnto nnfake nnsites nncontrolled nnby nnthe nnattacker, nndynamically nnmodifying nndata
nnexchanged nnbetween nnthe nnbrowser nnand nncertain nnweb nnsites nnof nninterest;
nnwhich nncan nnresult nnin nnsignificant nncompromise nnof nnthe nnuser's nnpersonal
nninformation.
A nnrootkit nnis nna nnset nnof nnprograms nninstalled nnon nna nnsystem nnto nnmaintain nncovert
nnaccess nnto nnthat nnsystem nnwith nnadministrator nn(or nnroot) nnprivileges, nnwhilst
nnhiding nnevidence nnof nnits nnpresence nnto nnthe nngreatest nnextent nnpossible. nnThese
nncan nnall nnbe nnpresent nnin nnthe nnsame nnmalware.
What nnis nnthe nndifference nnbetween nna nn"phishing" nnattack nnand nna nn"spear-
phishing" nnattack, nnparticularly nnin nnterms nnof nnwho nnthe nntarget nnmay nnbe? nn-
nnCORRECT✅✅A nnphishing nnattack nnuses nna nnspam nne-mail nnto nnexploit nnsocial
nnengineering nnto nnleverage nnuser's nntrust nnby nnmasquerading nnas nncommunications
nnfrom nna nntrusted nnsource, nnthat nnmay nndirect nna nnuser nnto nna nnfake nnWeb nnsite,
nnor nnto nncomplete nnsome nnenclosed nnform nnand nnreturn nnin nnan nne-mail nnaccessible
nnto nnthe nnattacker. nnA nnmore nndangerous nnvariant nnof nnthis nnis nnthe nnspear-phishing
nnattack. nnThis nnagain nnis nnan nne-mail nnclaiming nnto nnbe nnfrom nna nntrusted nnsource.
nnHowever, nnthe nnrecipients nnare nncarefully nnresearched nnby nnthe nnattacker, nnand
nneach nne-mail nnis nncarefully nncrafted nnto nnsuit nnits nnrecipient nnspecifically, nnoften
nnquoting nna nnrange nnof nninformation nnto nnconvince nnthem nnof nnits nnauthenticity.
nnThis nngreatly nnincreases nnthe nnlikelihood nnof nnthe nnrecipient nnresponding nnas
nndesired nnby nnthe nnattacker.
Describe nnsome nnmalware nncountermeasure nnelements. nn-
nnCORRECT✅✅prevention nnin nnnot nnallowing nnmalware nnto nnget nninto nnthe
