100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CEH v10 Malware Threats Exam Questions and Answers All Correct R271,35   Add to cart

Exam (elaborations)

CEH v10 Malware Threats Exam Questions and Answers All Correct

 7 views  0 purchase
  • Course
  • CEH v10 Malware Threats
  • Institution
  • CEH V10 Malware Threats

CEH v10 Malware Threats Exam Questions and Answers All Correct Indication of Virus Attack - Answer-1. process take more resources and time 2. computer beeps with no display 3. drive label changes 4. unable to load Operating System 5. constant anti-virus alerts 6. computer freezes frequently...

[Show more]

Preview 4 out of 34  pages

  • August 12, 2024
  • 34
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CEH v10 Malware Threats
  • CEH v10 Malware Threats
avatar-seller
CEH v10 Malware Threats Exam Questions
and Answers All Correct

Indication of Virus Attack - Answer-1. process take more resources and time
2. computer beeps with no display
3. drive label changes
4. unable to load Operating System
5. constant anti-virus alerts
6. computer freezes frequently or encounters error such as BSOD
7. files and folders are missing
8. suspicious hard driver activity
9. browser window
freezes"
10. lack of storage space
11. unwanted advertisements and pop-up windows

How a computer gets infected by a virus - Answer--When a user accepts files and
downloads without checking properly for the source
-Opening infected email attachments
Installing pirated software
-Not updating and not installing new versions of plug-ins
-Not running the latest anti-virus application
-Clicking malicious online ads
-Using portable media
-Connecting to untrusted network


System or Boot Sector Viruses - Answer-The most common targets for a virus are the
these, which include the master boot record (MBR) and the DOS boot record system
sectors

MBRs are the most virus-prone zones because if the MBR is corrupted, all data will be
lost. The DOS boot sector also executes during the system booting. This is the crucial
point of attack for viruses.

This virus moves MBR (Master Boot Record) to another location on the hard disk and
copies itself to the original location of the MBR

When the system boots, the virus code is executed first and then control is passed to
original MBR

Virus Removal

,-One way to deal with this virus is to avoid the use of the Windows OS and switch to
Linux or Mac because Windows is more prone to these attacks.
-The other way is to carry out antivirus checks on a periodic basis

File Viruses - Answer-Infects files which are executed or interpreted in the system such
as COM, EXE, SYS, OVL, OBJ, PRG, MNU, and BAT files

File viruses can be either direct-action or memory resident

hides their presence by using stealth techniques to reside in a computer's memory in
the same way as the system sector viruses work. It does not show any increase in file
length while performing directory listing.

If a user attempts to read the file, the virus intercepts the request, and the user gets
back his original file

Multipartite Viruses - Answer-When the virus infects the boot sector, it will, in turn, affect
the system's file and vice versa. This type of virus re-infects a system repeatedly if the
virus is not rooted out entirely from the target machine.

Infect the system boot sector and the executable files at the same time
Some of the examples of multipartite viruses include invade, flip, and tequila

Execute the damage routine - users install antivirus updates and eliminate the virus
threats

How a virus infects a system - Answer-o The virus loads itself into memory and checks
for the executable on the disk.
o The virus appends malicious code to a legitimate program without the permission or
knowledge of user.
o The user is unaware of the replacement and launches the infected program.
o The execution of an infected program also infects other programs in the system.
o The above cycle continues until the user realizes there is an anomaly in the system

Phases of a Virus - Answer-Infection Phase
-o A file virus infects by attaching itself to an executable system application program.
Potential targets for virus infections:
-o Boot sector viruses execute their code in the first place before the target PC is
booted.
Attack Phase
-o Viruses execute upon triggering specific events
-o Some viruses execute and corrupt via built-in bug programs after being stored in the
host's memory.
-o The latest and advanced viruses conceal their presence, attacking only after
thoroughly spreading in the host

,Macro Viruses - Answer-Viruses infect templates or convert infected documents into
template file, while maintaining their appearance of ordinary document files

files are created by Microsoft Word or Excel, written using macro language VBA Visual
Basic of Applications

Cluster Viruses - Answer-Virus infect files without changing the file or planting additional
files. They save the virus code to the hard drive and overwrite the pointer in the
directory entry, directing the disk read point to the virus code instead of the actual
program.

Modify directory table entries so that it points users or system processes to the virus
code instead of the actual program

One copy of the virus on the disk infecting all the programs in the computer system
It will launch itself first when any program on the computer system is started and then
the control is passed to actual program

Stealth Viruses/ Tunneling Viruses - Answer-These viruses try to hide from antivirus
programs by actively altering and corrupting the service call interrupts while running.
These viruses state false information to hide their presence from antivirus programs

Evade the anti-virus software by intercepting its requests to the operating system

This virus can hide by intercepting the anti-virus software's request to read the file and
passing the request to the virus, instead of the OS

Virus Removal
-o Always do a cold boot (boot from write-protected CD or DVD)
-o Never use DOS commands such as FDISK to fix the virus
-o Use anti-virus software

Encryption Viruses - Answer-Also known as a Cryptolocker viruses which penetrate the
target system via freeware, shareware, codecs, fake advertisements, torrents, email
spam, and so on

Uses simple encryption to encipher the code
The virus is encrypted with a different key for each infected file
AV scanner cannot directly detect these types of viruses using signature detection
methods

Sparse Infector Viruses - Answer-viruses infect less often and try to minimize the
probability of discovery. This viruses infect only occasionally upon satisfying certain
conditions or only files whose lengths fall within a narrow range

Virus infects only occasionally or only files whose lengths fall within a narrow range

, By infecting less often, such viruses try to minimize the probability of being discovered

Polymorphic Viruses - Answer-A code that mutates while keeping the original algorithm
intact

modify their code for each replication to avoid detection

To enable polymorphic code, the virus has to have a polymorphic engine
A well-written polymorphic virus therefore has no parts that stay the same on each
infection

virus consists of three components: the encrypted virus code, the decryptor routine, and
the mutation engine

Metamorphic Viruses - Answer--rewrite themselves completely each time they are to
infect a new executable
-This code can reprogram itself by translating its own code into a temporary
representation and then back to the normal code again


Malware - Answer-Malicious software that damages or disables computer systems and
gives limited or full control of the systems to its creator for theft or fraud.

Includes Trojan horse, Backdoor, Rootkit, Ransomware, Adware, Virus, Worms,
Spyware, Botnet
and Crypter

Malware is developed and used for - Answer-- Attack browsers and track websites
visited
- Affect system performance, making it very slow
- Cause hardware failure, rendering computers inoperable
- Steal personal information, including contacts
- Erase valuable information, resulting in the substantial data losses
- Attack additional computer systems directly from a compromised system
- Spam inboxes with advertising emails

Different Ways a Malware can Get into a System - Answer-- Instant Messenger
Applications
- Portable Hardware Media /Removable Devices
- Browser and Email Software Bugs
- Insecure Patch management
- Rogue/Decoy Applications
- Untrusted Sites and Freeware Web Applications/Software
- Downloading Files from Internet
- Email Attachments
- File Shareing
-Network Propagation

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through EFT, credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying this summary from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy this summary for R271,35. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

78252 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy summaries for 14 years now

Start selling
R271,35
  • (0)
  Buy now