What technique does some malware use to modify itself each time it infects a new system to avoid
signature detection systems? ANS: Polymorphism
What type of website does the attacker use when waging a watering hole attack? ANS: Site trusted by
the end user
What is the most effective defense against cross-site scripting attacks? ANS: Input validation
A social engineer calls an administrative assistant in your organization and obtains her password by
threatening her that her boss' account will be deleted if she does not provide the password to assist
with troubleshooting. What type of attack is this? ANS: Intimidation
Malicious Software ANS: Malware
The way that a malware object spreads. ANS: Propagation Mechanism
The malicious action that the malware performs. ANS: Payload
Malware that spreads by human action ANS: Virus
Malware that can spread by itself without human interaction ANS: Worms
Worm created in 2010. Infiltrated an Iranian nuclear facility and damaged uranium enrichment
equipment. ANS: Stuxnet
Malware that disguises itself as another program and delivers a malicious payload behind the
scenes. ANS: Trojan Horse
Remote Access Trojan ANS: RAT
Malware that provides backdoors to hacked systems ANS: RAT
Best defense against viruses ANS: User Education
Best defense against Trojans ANS: Application control
Three different types of Malware payloads ANS: Adware, Spyware, and Ransomware
Malware that has the specific purpose of displaying advertisements ANS: Adware
Changing the default search engine, displaying pop-up advertisements, and replacing legitimate ads with
other ads are all ANS: Adware mechanisms
Malware that gathers information without the user's knowledge or consent ANS: Spyware
Logging keystrokes, monitoring web browsing, and searching hard drives are all ANS: Spyware
techniques
Malware that blocks access to a system ANS: Ransomware
Arrives via email attachment, encrypts local files, demands ransom on short notice are all ANS:
Ransomware techniques
Anti-malware software, security patches, and user education are all ways to ANS: Prevent Malware
Malware that provides workaround access to a system ANS: Backdoor
Hardcoded accounts, default passwords, and unknown access channels are all ANS: Backdoor
mechanisms
Malware that is set to issue a payload when certain criteria are met ANS: Logic Bomb
Date/Time reached, file contents, and API call results are all ANS: Logic Bomb conditions
A set of subroutine definitions, protocols, and tools for building application software ANS: API
Application Programming Interface ANS: API
A special superuser account that provides unrestricted access to system resources ANS: Root Account
Rootkits, Polymorphism, and Armored Viruses are all types of ANS: Advanced Malware
Malware that can escalate user privileges. Can run in user mode or kernel mode ANS: Rootkit
Backdoors, Botnet Agents, and Adware/Spyware are all ANS: Rootkit Payloads
Rootkit that can run with normal user privileges, is easy to write, and is difficult to detect ANS: User
Mode Rootkit
Rootkit that can run with system privileges ANS: Kernel Mode Rootkits
Identifying viruses by detecting known code patterns from a database ANS: Signature Detection
Malware that changes code to avoid detection, uses encryption with a different key on infected systems
ANS: Polymorphic Virus
Malware that prevents reverse engineering techniques to hide itself ANS: Armored Virus
A network of infected computers used for malicious intent ANS: Botnet
Delivering spam, engaging in DDoS attacks, mining bitcoin, and brute-force attacks ANS: Botnet
techniques
Notifying a vendor of a vulnerability, providing the vendor a reasonable amount of time to create a patch, and
disclosing the vulnerability is ANS: Ethical Disclosure
A vulnerability in a product that has been discovered by at least one researcher but has not yet been
patched by the vendor ANS: Zero Day Vulnerability
Advanced Persistent Threat ANS: APT
Agents who are well funded, highly skilled, typically government sponsored, and have access to Zero Day
Vulnerabilities ANS: APTs
Unskilled attackers who simply reuse hacking tools developed by others ANS: Script Kiddie
Hackers who seek to use hacking tools to advance political and social agendas ANS: Hacktivist