Cyber-Security: Malwares

Information Technology | 30 Cards | Created about 2 months ago

This flashcard set highlights common cybersecurity attacks like eavesdropping and denial-of-service, clarifies misconceptions about malware detection and the Ping of Death, and explains how base-64 encoding works.

Key Terms

Term
Definition

What type of malicious procedure involves using sniffing tools to capture network communications to intercept confidential information or gather credentials that can be used to extend the attack?

Eavesdropping

The base-64 numbering system uses how many bits to represent a character?

6

Which type of attack cripples the network and prevents legitimate users from accessing network resources?

denial-of-service

Malware programs cannot be detected by antivirus programs.

False

The Ping of Death is an exploit that sends multiple ICMP packets to a host faster than the host can handle. True or False?

False

When a computer hacker uses multiple compromised computers to carry out a DDoS attack, the compromised computers are usually referred to as which of the following?

zombies

When a programmer exploits written code that doesn’t check for a defined amount of memory space, they are executing which of the following attacks?

buffer overflow

Which of the following physical security methods provides the ability to secure a company’s assets and document any individual’s physical time of entry?

card access

A computer hacker may use a phishing e-mail to lure a user into following a malicious link. What type of technique is being used by the computer hacker?

social engineering

A malicious computer program that replicates and propagates itself without having to attach to a host is called which of the following?

worm

What is the main purpose of malware?

Financial gain or destruction

If an attacker wishes to collect confidential financial data, passwords, PINs, and any personal data stored on your computer, which of the following programs would they choose to use?

Spyware

Which of the following exploits might hide its destructive payload in a legitimate application or game?

Trojan program

Whitelisting allows only approved programs to run on a computer.

True

Trojan programs can install a specific type of program to allow an attacker access to the attacked computer later. What means of access is the attacker utilizing?

backdoor

What type of virus is used to lock a user’s system or cloud accounts until the system’s owner complies by paying the attacker a monetary fee?

ransomware

Which of the following doesn’t attach itself to a host but can replicate itself?

Worm

Which term best describes malicious programmatic behaviors that antivirus software companies use to compare known viruses to every file on a computer?

heuristics

Which of the following is an example of a macro programming language?

Visual Basic for Applications

What type of malicious program cannot stand on its own and can replicate itself through an executable program attached to an e-mail?

virus

Antivirus software should be updated annually. True or False?

False

To reduce the risk of a virus attack on a network, you should do which of the following?

All of the above

What type of hardware devices and computer programs can be used to obtain passwords by capturing key strokes on a targeted computer system?

Keyloggers

The acronym IDS stands for which of the following?

Intrusion Detection System

Which term best describes a hash or code pattern that antivirus software companies use to compare known viruses to every file on a computer?

signatures

Which of the following is a good place to begin your search for vulnerabilities in Microsoft products?

Microsoft Security Bulletins

Which type of security is specifically concerned with computers or devices that are part of a network infrastructure?

Network security

An exploit that leaves an attacker with another way to compromise a network later is called which of the following? (Choose all that apply.)

Rootkit | Backdoor

Which type of attack is being carried out when an attacker joins a TCP session and makes both parties think he or she is the other party?

Session hijacking

One purpose of adware is to determine users' purchasing habits. True or False?

True