What is the purpose of a rootkit quizlet?
Terms in this set (39)

What type of attack uses zombies? > Trojan horse > DDoS *

What is the best description of Trojan horse malware? > It is the most easily detected form of malware. > It appears as useful software but hides malicious code. *

What is the purpose of a rootkit? > To masquerade as a legitimate program > To gain privileged access to a device while concealing itself * (Malware can be classified as follows:

When describing malware, what is a difference between a virus and a worm? > A virus focuses on gaining privileged access to a device, whereas a worm does not. > A virus replicates itself by attaching to another file, whereas a worm can replicate itself independently. *

What is an example of "hacktivism"? > Criminals use the Internet to attempt to steal money from a banking company. > A group of environmentalists launch a denial-of-service attack against an oil company that is responsible for a large oil spill. * (Hacktivism is a term used to describe cyberattacks carried out by people who are considered political or ideological extremists. Hacktivists attack people or organizations that they believe are enemies to the hacktivist agenda.)

What is the purpose of a reconnaissance attack on a computer network? > To steal data from the network servers > To gather information about the target network and system *

Which tool is used to provide a list of open ports on network devices? > Nmap > Nmap *

Which type of attack allows an attacker to use a brute-force approach? > Packet sniffing > Password cracking *

Which term is used to describe the act of sending an email message in an attempt to divulge sensitive information from someone? > Phishing > Phishing *

What is the significant characteristic of worm malware? > A worm can execute independently of the host system. > A worm can execute independently of the host system. * (Worm malware can execute and copy itself without being triggered by a host program. It is a significant network and Internet security threat.)

A network administrator detects unknown sessions involving port 21 on the network. What could be causing this security breach? > An FTP Trojan horse is executing. > An FTP Trojan horse is executing. * (Network security personnel must be familiar with port numbers in order to identify the service being attacked. Well-known port number 21 is used to initiate an FTP connection to an FTP server. Well-known port 20 is then used to transfer data between the two devices. If the device connecting to the FTP server is unknown and launching an attack, the type of attack might be an FTP Trojan horse.)

Which example illustrates how malware might be concealed? > A botnet of zombies carry personal information back to the hacker. > An email is sent to the employees of an organization with an attachment that looks like an antivirus update, but the attachment actually consists of spyware. * (An email attachment that appears as valid software but actually contains spyware shows how malware might be concealed. An attack to block access to a website is a DoS attack. A hacker uses search engine optimization (SEO) poisoning to improve the ranking of a website so that users are directed to a malicious site that hosts malware or uses social engineering methods to obtain information. A botnet of zombie computers is used to launch a DDoS attack.)

Which type of security threat can be described as software that attaches itself to another program to execute a specific unwanted function? > Worm > Virus * (Viruses can be malicious and destructive or simply change something about the computer, such as words or images, and not necessarily cause the computer to malfunction. Viruses can be spread through shared media such as CDs or memory sticks, but can also be delivered via the Internet and email.)

What type of malware has the primary objective of spreading across the network? > virus > worm * (The main purpose of a worm is to self-replicate and propagate across the network. A virus is a type of malicious software that needs a user to spread. A trojan horse is not self-replicating and disguises itself as a legitimate application when it is not. A botnet is a series of zombie computers working together to wage a network attack.)

Why would a rootkit be used by a hacker? > to gain access to a device without being detected > to gain access to a device without being detected * (Hackers use rootkits to avoid detection as well as hide any software installed by the hacker.)

Which type of hacker is motivated to protest against political and social issues? > cybercriminal > hacktivist *

What is a characteristic of a Trojan horse as it relates to network security? > Extreme quantities of data are sent to a particular network device interface. > An electronic dictionary is used to obtain a password to be used to infiltrate a key network device. > Too much information is destined for a particular memory block, causing additional memory areas to be affected. > Malware is contained in a seemingly legitimate executable program. > Malware is contained in a seemingly legitimate executable program. * (A Trojan horse carries out malicious operations under the guise of a legitimate program.)

What is a botnet? > a group of web servers that provide load balancing and fault tolerance > a network of infected computers that are controlled as a group

Which type of Trojan horse security breach uses the computer of the victim as the source device to launch other attacks? > DoS > proxy * (The attacker uses a proxy Trojan horse attack to penetrate one device and then use that device to launch attacks on other devices.)

What is the primary goal of a DoS attack? > to prevent the target server from being able to handle additional requests > to prevent the target server from being able to handle additional requests * (A denial of service (DoS) attack attempts to overwhelm a system or process by sending large amounts of data or requests to the target. The goal is to keep the system so overwhelmed handling false requests that it is unable to respond to legitimate ones.)

What is a main purpose of launching an access attack on network systems? > to prevent other users from accessing the system > to retrieve data * (Gathering information about a network and scanning for access is a reconnaissance attack. Preventing other users from accessing a system is a denial of service attack.)

What causes a buffer overflow? > launching a security countermeasure to mitigate a Trojan horse > attempting to write more data to a memory location than that location can hold > sending repeated connections such as Telnet to a particular device, thus denying other data sources > sending too much information to two or more interfaces of the same device, thereby causing dropped packets > downloading and installing too many software updates at one time > attempting to write more data to a memory location than that location can hold * (By sending too much data to a specific area of memory, adjacent memory locations are overwritten, which causes a security issue because the program in the overwritten memory location is affected.)

A company pays a significant sum of money to hackers in order to regain control of an email and data server. Which type of security attack was used by the hackers? > DoS > ransomware * (Ransomware involves the hackers preventing user access to the infected and controlled system until the user pays a specified amount.)

What is the term used to describe an email that is targeting a specific person employed at a financial institution? > spam > spear phishing (Spear phishing is a phishing attack customized to reach a specific person or target.)

Which access attack method involves a software program that attempts to discover a system password by the use of an electronic dictionary? > packet sniffer attack > brute-force attack *

In what way are zombies used in security attacks? > They are infected machines that carry out a DDoS attack. > They are infected machines that carry out a DDoS attack. *

What are two evasion methods used by hackers? (Choose two.) > scanning > encryption * (The following methods are used by hackers to avoid detection: Encryption and tunneling - hide or scramble the malware content

What are two purposes of launching a reconnaissance attack on a network? (Choose two.) > to retrieve and modify data > to scan for accessibility *

What are three techniques used in social engineering attacks? (Choose three.) > vishing > vishing * (Phishing is an attempt to get a user to divulge information. Vishing is a type of phishing that uses voice and the phone system. With pretexting, the hacker lies to the user in an attempt to obtain information.)

An attacker is using a laptop as a rogue access point to capture all network traffic from a targeted user. Which type of attack is this? > port redirection > man in the middle * (An access attack tries to gain access to a resource using a hijacked account or other means. The five types of access attacks include the following: password - a dictionary is used for repeated login attempts

A user is curious about how someone might know a computer has been infected with malware. What are two common malware behaviors? (Choose two.) > The computer emits a hissing sound every time the pencil sharpener is used. > The computer freezes and requires reboots. * (Common symptoms of computers infected with malware:

Which type of security attack would attempt a buffer overflow? > ransomware > DoS * (Denial of service (DoS) attacks attempt to disrupt service on the network by either sending a particular device an overwhelming amount of data so no other devices can access the attacked device or by sending malformed packets.)

What is a significant characteristic of virus malware? > Virus malware is only distributed over the Internet. > A virus is triggered by an event on the host system. * (A virus is malicious code that is attached to a legitimate program or executable file, and requires specific activation, which may include user actions or a time-based event. When activated, a virus can infect the files it has not yet infected, but does not automatically propagate itself to other systems.)

A senior citizen receives a warning on the computer that states that the operating system registry is corrupt and to click a particular link to repair it. Which type of malware is being used to try to create the perception of a computer threat to the user? > DoS > scareware (Scareware is a type of malware that attempts to shock or induce anxiety by creating a perception of a threat.)

What is the motivation of a white hat attacker? > fine tuning network devices to improve their performance and efficiency > discovering weaknesses of networks and systems to improve the security level of these systems * (White hat attackers break into networks or computer systems in order to discover weaknesses for the purpose of improving the security of these systems.)

What is a ping sweep? > a network scanning technique that indicates the live hosts in a range of IP addresses. > a query and response protocol that identifies information about a domain, including the addresses that are assigned to that domain. > a software application that enables the capture of all network packets that are sent across a LAN. > a scanning technique that examines a range of TCP or UDP port numbers on a host to detect listening services > a network scanning technique that indicates the live hosts in a range of IP addresses. *

What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source? > Trojan > phishing

What are the three major components of a worm attack? (Choose three.) > an enabling vulnerability > an enabling vulnerability * (A computer can have a worm installed through an email attachment, an executable program file, or a Trojan Horse. The worm attack not only affects one computer, but replicates to other computers. What the worm leaves behind is the payload, the code that results in some action.)

Which security threat installs on a computer without the knowledge of the user and then monitors computer activity? > spyware > spyware * (Spyware normally installs on a system without end-user knowledge and monitors activity on a computer, which can then be sent to the source of spyware.)
What is the purpose of a rootkit? The main purpose of rootkits is to mask malware payloads effectively and preserve their privileged existence on the system. For that reason, a rootkit will conceal files, malware processes, injected modules, registry keys, user accounts or even system registries running on system boot.
What is a rootkit quizlet? Rootkits: a malicious program that gains full access to a computer system. Often uses a known password to gain admin. level access and has the ability to hide files, registry edits, and folders that a computer uses to detect the typical virus or spyware programs.

Why would a rootkit be used by a hacker quizlet? Why would a rootkit be used by a hacker? (Hackers use rootkits to avoid detection as well as hide any software installed by the hacker.)

What are rootkits cyber security fundamentals? A rootkit is software used by cybercriminals to gain control over a target computer or network. Rootkits can sometimes appear as a single piece of software but are often made up of a collection of tools that allow hackers administrator-level control over the target device.