Malware - CORRECT ANSWER✅✅any software used to disrupt computer or mobile operations, gather
sensitive information, gain access to private computer systems, or display unwanted advertising
Types of Malware - CORRECT ANSWER✅✅Trojan Horses, virus, worms, adware, backdoor, spyware,
and others
Two Ways to Categorize Malware - CORRECT ANSWER✅✅By the way the malware propagates itself, and
by the action it performs when it reaches its target (payload)
Malware Propagation Mechanisms - CORRECT ANSWER✅✅Injection by content, drive-by-downloads,
social engineering
Malware Payload Mechanisms - CORRECT ANSWER✅✅Corrupts system or data files, steals services
(zombie agents), steals information, stealth and hiding
Advanced Persistent Threat (APT) - CORRECT ANSWER✅✅Threats focused on a specific target that will
continue attacking for a very long time until they achieve their goal.
APT Techniques - CORRECT ANSWER✅✅Social engineering, Spear-phishing email, Drive-by-downloads
from websites likely to be visited by personnel in the target organization.
Intention of APT - CORRECT ANSWER✅✅To infect the target with sophisticated malware that has multiple
propagation mechanisms and payloads. Once they have gained initial access to systems in the target
organization, a further range of attack tools is used to maintain and extend that access.
Viruses - CORRECT ANSWER✅✅Software that infects other programs.
Characteristics of a Virus - CORRECT ANSWER✅✅Modifies other programs to include a copy of itself.
Replicates and goes on to infect other content. Easily spread through network environments. When attached
to an executable program it can do anything that the program is permitted to do. Executes secretly when the
host program is run. Specific to the operating system and hardware.
The Main Components of a Virus - CORRECT ANSWER✅✅Infection Mechanism (spreads and propagates),
Trigger (the event that activates the payload; a logic bomb), and Payload (what the virus does when it
reaches the target)
Creeper - CORRECT ANSWER✅✅First malware. Duplicates itself.
INFECTION VECTOR - Spread through connected nodes on the ARPANET network
TRIGGER - Detects that it is on a new computer that is not yet infected
PAYLOAD - Displays the message
Elk Cloner - CORRECT ANSWER✅✅10 years after the Creeper virus. First virus-like program on
microcomputers (computers the size of a pizza box, or laptops). On the 50th execution from an infected
disk, a poem would be printed. Overwrote the boot sector of the floppy but was otherwise harmless to the
computer, and disks could be repaired.
Brain - CORRECT ANSWER✅✅First PC virus and first boot sector virus that was released by a
commercial distributor. Intended to protect the authors' software from piracy but ended up infecting
computers that did not copy the software. First example of a DESTRUCTIVE BOOT SECTOR VIRUS
Stoned - CORRECT ANSWER✅✅A boot sector virus. Intentionally harmful virus. Infects the MBR (Master
Boot Record). The only way to eliminate it is to overwrite the modified sector. An example is the Bloody virus.
Michelangelo - CORRECT ANSWER✅✅A variant of the Stoned virus that formats every disk on your
computer if your computer is active on Michelangelo's birthday. First malware that made the general public
aware of the threat. First example of a time-bomb virus. The payload would wipe disks attached to the
computer on Michelangelo's birthday every calendar year.
Virus Phases - CORRECT ANSWER✅✅Dormant Phase - the virus has not activated itself and has not taken
measures to alter its own state to adapt; it is in its purest form.
Triggering Phase - the event that causes the virus to activate itself
Propagation Phase - the virus hardens itself and attempts to make itself resilient. It copies itself to
other locations on the hard drive and attempts to clone itself.
Execution Phase - the virus delivers its payload