CompTIA A+ 1102 Malware

18 Terms

1

Malware

malicious software

2

Trojan Horse

- software that pretends to be something else

- anti-virus may catch it, but the better trojan horses are built to avoid and to disable anti-virus software

3

Rootkits

- modifies core system files

- embeds itself deep inside the OS, often in the kernel

- can be invisible to the OS and to anti-virus software

4

Finding and Removing Rootkits

- look for the unusual

- use a remover specific to the rootkit

- Secure Boot using a UEFI BIOS

5

Virus

- malware that can replicate itself

- requires the user to execute a program

6

Boot Sector Virus

- virus that is part of the boot sector

- runs every time that you start your computer

- preventable with UEFI Secure Boot

7

Spyware

- malware that spies on you

- may trick you into installing it

- may work in conjunction with a keylogger

8

Keylogger

saves your input and logs other data, such as your clipboard data

9

Ransomware

encrypts your data, but will decrypt it if you pay the attackers a ransom

10

Cryptominers

- require extensive CPU processing ability

- malware that forces cryptomining to occur on your computer

11

Windows Recovery Environment

- basic command line that can be used without having to fully start Windows

- provides complete control, but requires an extensive knowledge base to properly and safely use

12

Starting the Windows Recovery Environment

- hold shift while clicking the restart button

- or, boot from installation media

- or, restart into advanced startup

- recovery > troubleshoot > advanced options > command prompt

13

Software Firewall

- monitors the local computer

- prevents malware communication

- for example, Microsoft Defender Firewall

- built into Windows

14

What is the only way to guarantee malware removal?

OS reinstallation

15

Malware Removal Process (steps)

1. verify malware symptoms

2. quarantine infected

3. disable system restore

4. remediate : update anti-virus

5. remediate : scan and remove

6. schedule scans and run updates

7. enable system protection

8. educate the end user

16

2. Quarantine Infected (Malware Removal Process)

- disconnect from the network

- isolate all removable media

- control the spread

17

4. Remediate : Update Anti-Virus (Malware Removal Process)

- the malware may prevent the update process

- copy updated signatures onto your computer

18

5. Remediate : Scan and Remove (Malware Removal Process)

use tools or run in Safe Mode or in WinPE