Fundamentals of Cyber Security - Malware

Flashcards about Fundamentals of Cyber Security, covering malware types, infections, and prevention.

What is malware?

Any program or file that's intentionally harmful to a computer, network or server.

What are common types of malware?

Computer viruses, worms, Trojan horses, ransomware and spyware.

What is data exfiltration?

The process where threat actors steal sensitive information stored on a system infected with malware, such as emails, passwords, intellectual property, financial information and login credentials.

What harmful actions can malware perform?

Data exfiltration, service disruption, data espionage, identity theft, stealing resources, and system damage.

According to the IBM X-Force Threat Intelligence Index 2024, what was the rise in cyberattacks using stolen identities in 2023 compared to the previous year?

71%

How can malware authors spread malware?

Removable drives, infected websites, and phishing attacks.

What are common obfuscation techniques used by malware?

Using web proxies, polymorphic malware, anti-sandbox techniques, and fileless malware.

What is a virus?

The most common type of malware that can execute itself and spread by infecting other programs or files.

What is a worm?

Can self-replicate without a host program and typically spreads without any interaction from the malware authors.

What is a Trojan horse?

Designed to appear as a legitimate software program to gain access to a system.

What is spyware?

Collects information and data on the device and user, as well as observes the user's activity without their knowledge.

What is ransomware?

Infects a user's system and encrypts its data. Cybercriminals then demand a ransom payment from the victim in exchange for decrypting the system's data.

What is a rootkit?

Obtains administrator-level access to the victim's system. Once installed, the program gives threat actors root or privileged access to the system.

What is a backdoor virus?

Secretly creates a backdoor into an infected computer system that lets threat actors remotely access it without alerting the user or the system's security programs.

What is adware?

Tracks a user's browser and download history with the intent to display pop-up or banner advertisements that lure the user into making a purchase.

What are keyloggers?

Track nearly everything a user does on their computer, including writing emails, opening webpages, accessing computer programs and typing keystrokes.

What are logic bombs?

Designed to cause harm and typically gets inserted into a system once specific conditions are met. Logic bombs stay dormant and are triggered when a certain event or condition is met, such as when a user takes a specific action on a certain date or time.

What are exploits?

Computer exploits take advantage of existing vulnerabilities, flaws or weaknesses in a system's hardware or software.

What are the six basic steps in mind when creating your malware response plan?

Identify, communicate, block, restore, recover, re-examine

What are common types of malicious email attachments?

.exe (Executable files), .doc/.xls (Macros-enabled documents), .pdf (PDF Exploits), .zip/.rar (Compressed files)

What are common infection methods for infected websites and malvertising?

Fake Software Updates, Malvertising (Malicious Ads), Bundled Software, Exploit Kits

What are the Key Functions of Antivirus Software?

Signature-Based Detection, Heuristic Analysis, Behavior-Based Detection, Sandboxing, Real-Time Scanning, Automatic Updates

What are the Limitations of Antivirus Software?

Inability to Detect Zero-Day Attacks, Performance Impact, Cannot Prevent Social Engineering Attacks, Limited Against Fileless Malware, Over-Reliance on Signatures, False Positives

What Security Features should you consider when Choosing the Right Antivirus?

Real-time protection, Firewall integration, Ransomware protection, Email and web filtering, Heuristic and behavior-based detection

What are some Considerations for Home Use when selecting Antivirus software?

Ease of Use, Performance Impact, Basic Security Features, Parental Controls (Optional), Cost

What are some Considerations for Business Use when selecting Antivirus software?

Advanced Threat Protection, Multi-Device Protection, Centralized Management, Data Loss Prevention, Compliance Requirements, 24/7 Support

What are the general differences between Free vs. Paid Antivirus Software?

Paid Antivirus typically provides better real-time protection, ransomware protection, firewall & web protection, anti-phishing & email security, automatic updates, customer support, multi-device support and VPN & privacy tools

What steps should you follow when properly Installing Antivirus Software?

Choose the Right Antivirus Software, Download the Antivirus Software, Uninstall Any Previous Antivirus, Install the Antivirus Software, Activate and Update the Antivirus, Perform an Initial Full System Scan, Configure Settings for Maximum Security