Terms in this set (52)

Malware - A wide range of software that is intentionally designed to cause harm to systems and devices, networks, or users (can gather information, provide illicit access, and perform many actions that the owner of the system or network will not want to occur)
Ransomware - Malware that takes over a computer and then demands a ransom
Crypto-malware - Encrypts files and then holds them hostage until a ransom is paid
More types of Ransomware - Threatening to report the user to law enforcement due to pirated software or pornography, or threatening to expose sensitive information or pictures from the victim's hard drive or device
Ways to defend against Ransomware attacks - A system backup that stores files in a separate location that will not be impacted if the system were to become infected and encrypted by ransomware
Trojan - Malware that is typically disguised as legitimate software
Remote Access Trojan (RATs) - A trojan providing attackers with remote access to systems
Worm - Unlike Trojans that require user interaction, worms spread themselves
How do worms spread - Can spread via email attachments, network file shares, and other methods
Stuxnet - An attack that occurred in 2010 and is considered the first implementation of a worm as a cyberweapon
Rootkit - Malware that is specifically designed to allow attackers to access a system through a backdoor
Types of techniques rootkits use to conceal detection - Leverage filesystem drivers to ensure that users cannot see the rootkit files
Why is removing rootkits challenging - Because a system infected with malware like this cannot be trusted
Best recommendation for removing rootkits - To rebuild the system or restore it from a known good backup
Are there such things as ethical rootkits - Yes
Backdoor - Methods or tools that provide access that bypasses normal authentication and authorization procedures, allowing attackers access to systems, devices, or applications
When are backdoors used - Typically the tool used for Trojan and Rootkit malware attacks
How can backdoors be detected - Detecting backdoors can be done by checking for unexpected open ports and services, but there are more complex backdoor tools as well
Bot - Remotely controlled systems or devices that have a malware infection
Botnet - Groups of bots
Why are botnets used - Used by attackers who control them to perform actions that range from additional compromises and infection to denial of service attacks or acting as spam relays
Botnet command and control system - Operate in client-server mode, where they contact a central control system that provides commands and updates and tracks how many systems are in the botnet
Peer to Peer Botnet control - Connects bots to each other, making it harder to take down a single central server or handful of known command and control IP addresses or domains
Fast-flux DNS - Means that the many systems in the network of control hosts register and de-register their addresses, often every few minutes on an ongoing basis
When is Fast Flux used - Botnets typically use fast flux DNS, which uses many IP addresses that are used to answer queries for one or more fully qualified DNS names
How can Fast Flux attacks be prevented - These types of attacks can be defended in controlled networks by forcing DNS requests to organizationally controlled DNS servers rather than allowing outbound DNS hunting because machine-generated DNS entries can be easily spotted in logs
How do botnets correlate to DDoS attacks - Botnets can be used to attack servers and applications, and distributed denial-of-service attacks against applications are the most common
Keyloggers - Programs that capture keystrokes from keyboards, although keylogger applications may also capture other input like mouse movement, touchscreen inputs, or credit card swipes from attached devices
How do Keyloggers work - Work in ways that include capturing data from the kernel, APIs or scripts, or even directly from the memory
How are Keylogger attacks prevented - Preventing keyloggers focuses on ensuring malware containing keyloggers is not installed, patching systems, and the use of antimalware tools as well
Logic Bomb - Malicious code that waits for triggers to go off before activating
Virus - Malicious programs that self-copy and self-replicate
How do viruses spread - Require one or more infection mechanisms that they use to spread, typically paired with a search mechanism to find new places to spread to
Trigger - Sets the conditions for when the virus will execute
Payload - What the virus does, delivers, or the actions it performs
How do Fileless viruses spread - Spread via spam mail and malicious websites
Characteristics of fileless viruses - Do not require local file storage because they remain memory-resident throughout their active life
How can a fileless virus be prevented - Ensuring that browsers, plug-ins, and other software that might be exploited by attackers are up to date and protected
Spyware - Malware that is designed to obtain information about an individual, organization, or system
Characteristics of Spyware - Many spyware packages track users' browsing habits, installed software, or similar information and report it back to central servers
Stalkerware - A type of spyware used to illicitly monitor partners in relationships
How can spyware be prevented - Spyware can be prevented using antimalware tools and user awareness to help prevent the installation of spyware
Potentially Unwanted Programs - Programs that may not be wanted by the user but are not as dangerous as other types of malware
Malicious Code - Code inserted in a software system or web script intended to cause undesired effects, security breaches, or damage to a system
Why is Windows PowerShell a vulnerable target - A popular target for attackers. Comes as default on Windows systems
How can Windows PowerShell attacks be prevented - As a security defender, make sure to have command-line and PowerShell logging turned on to detect these types of attacks
Why is Microsoft Office vulnerable and how is it prevented - Written in Visual Basic for Applications (VBA), Office is a target for attackers through the macros embedded
Why is Linux vulnerable to attacks - Linux systems are vulnerable due to attackers using common languages and tools like Python, Perl, and Bash as part of their attack process
THINGS TO LEARN!!! - Exam lists PowerShell, Python, Bash, Macros, and Visual Basic for Applications (VBA). Make sure to have a basic understanding of how these scripting and programming languages could be used as part of an attack, and know how you might be able to identify such an attack
Artificial intelligence - Focuses on accomplishing smart tasks by combining ML, deep learning, and related techniques that are intended to emulate human intelligence
Machine Learning - A subset of AI. ML systems modify themselves as they evolve to become better at the task that they are set to accomplish
Best steps to use as a Security Analyst for securing Artificial intelligence and machine learning - Understand the quality and security of source data

Which kind of malware provides an attacker with administrative control over a target computer through a backdoor?
A remote access Trojan (RAT) is a malware program that includes a back door for administrative control over the target computer.

What are 4 types of malware attacks?
The Most Common Types of Malware Attacks:
1) Adware. Adware serves unwanted or malicious advertising.
2) Fileless Malware.
3) Viruses.
4) Worms.
5) Trojans.
6) Bots.
7) Ransomware.
8) Spyware.

What type of system security malware allows for access to a computer?
A backdoor virus or remote access Trojan (RAT) secretly creates a backdoor into an infected computer system that enables threat actors to remotely access it without alerting the user or the system's security programs.

Which type of malware enables a hacker to collect personal information a user enters?
Spyware, on the other hand, is a type of malware designed to gain access and damage your computer. Spyware, on the other hand, collects user's information such as habits, browsing history, and personal identification information.