Garantie de satisfaction à 100% Disponible immédiatement après paiement En ligne et en PDF Tu n'es attaché à rien
logo-home
CEH v10 Malware Threats Exam Questions and Answers All Correct €14,15   Ajouter au panier

Examen

CEH v10 Malware Threats Exam Questions and Answers All Correct

 7 vues  0 fois vendu
  • Cours
  • CEH v10 Malware Threats
  • Établissement
  • CEH V10 Malware Threats

CEH v10 Malware Threats Exam Questions and Answers All Correct Indication of Virus Attack - Answer-1. process take more resources and time 2. computer beeps with no display 3. drive label changes 4. unable to load Operating System 5. constant anti-virus alerts 6. computer freezes frequently...

[Montrer plus]

Aperçu 4 sur 34  pages

  • 12 août 2024
  • 34
  • 2024/2025
  • Examen
  • Questions et réponses
  • CEH v10 Malware Threats
  • CEH v10 Malware Threats
avatar-seller
CEH v10 Malware Threats Exam Questions
and Answers All Correct

Indication of Virus Attack - Answer-1. process take more resources and time
2. computer beeps with no display
3. drive label changes
4. unable to load Operating System
5. constant anti-virus alerts
6. computer freezes frequently or encounters error such as BSOD
7. files and folders are missing
8. suspicious hard driver activity
9. browser window
freezes"
10. lack of storage space
11. unwanted advertisements and pop-up windows

How a computer gets infected by a virus - Answer--When a user accepts files and
downloads without checking properly for the source
-Opening infected email attachments
Installing pirated software
-Not updating and not installing new versions of plug-ins
-Not running the latest anti-virus application
-Clicking malicious online ads
-Using portable media
-Connecting to untrusted network


System or Boot Sector Viruses - Answer-The most common targets for a virus are the
these, which include the master boot record (MBR) and the DOS boot record system
sectors

MBRs are the most virus-prone zones because if the MBR is corrupted, all data will be
lost. The DOS boot sector also executes during the system booting. This is the crucial
point of attack for viruses.

This virus moves MBR (Master Boot Record) to another location on the hard disk and
copies itself to the original location of the MBR

When the system boots, the virus code is executed first and then control is passed to
original MBR

Virus Removal

,-One way to deal with this virus is to avoid the use of the Windows OS and switch to
Linux or Mac because Windows is more prone to these attacks.
-The other way is to carry out antivirus checks on a periodic basis

File Viruses - Answer-Infects files which are executed or interpreted in the system such
as COM, EXE, SYS, OVL, OBJ, PRG, MNU, and BAT files

File viruses can be either direct-action or memory resident

hides their presence by using stealth techniques to reside in a computer's memory in
the same way as the system sector viruses work. It does not show any increase in file
length while performing directory listing.

If a user attempts to read the file, the virus intercepts the request, and the user gets
back his original file

Multipartite Viruses - Answer-When the virus infects the boot sector, it will, in turn, affect
the system's file and vice versa. This type of virus re-infects a system repeatedly if the
virus is not rooted out entirely from the target machine.

Infect the system boot sector and the executable files at the same time
Some of the examples of multipartite viruses include invade, flip, and tequila

Execute the damage routine - users install antivirus updates and eliminate the virus
threats

How a virus infects a system - Answer-o The virus loads itself into memory and checks
for the executable on the disk.
o The virus appends malicious code to a legitimate program without the permission or
knowledge of user.
o The user is unaware of the replacement and launches the infected program.
o The execution of an infected program also infects other programs in the system.
o The above cycle continues until the user realizes there is an anomaly in the system

Phases of a Virus - Answer-Infection Phase
-o A file virus infects by attaching itself to an executable system application program.
Potential targets for virus infections:
-o Boot sector viruses execute their code in the first place before the target PC is
booted.
Attack Phase
-o Viruses execute upon triggering specific events
-o Some viruses execute and corrupt via built-in bug programs after being stored in the
host's memory.
-o The latest and advanced viruses conceal their presence, attacking only after
thoroughly spreading in the host

,Macro Viruses - Answer-Viruses infect templates or convert infected documents into
template file, while maintaining their appearance of ordinary document files

files are created by Microsoft Word or Excel, written using macro language VBA Visual
Basic of Applications

Cluster Viruses - Answer-Virus infect files without changing the file or planting additional
files. They save the virus code to the hard drive and overwrite the pointer in the
directory entry, directing the disk read point to the virus code instead of the actual
program.

Modify directory table entries so that it points users or system processes to the virus
code instead of the actual program

One copy of the virus on the disk infecting all the programs in the computer system
It will launch itself first when any program on the computer system is started and then
the control is passed to actual program

Stealth Viruses/ Tunneling Viruses - Answer-These viruses try to hide from antivirus
programs by actively altering and corrupting the service call interrupts while running.
These viruses state false information to hide their presence from antivirus programs

Evade the anti-virus software by intercepting its requests to the operating system

This virus can hide by intercepting the anti-virus software's request to read the file and
passing the request to the virus, instead of the OS

Virus Removal
-o Always do a cold boot (boot from write-protected CD or DVD)
-o Never use DOS commands such as FDISK to fix the virus
-o Use anti-virus software

Encryption Viruses - Answer-Also known as a Cryptolocker viruses which penetrate the
target system via freeware, shareware, codecs, fake advertisements, torrents, email
spam, and so on

Uses simple encryption to encipher the code
The virus is encrypted with a different key for each infected file
AV scanner cannot directly detect these types of viruses using signature detection
methods

Sparse Infector Viruses - Answer-viruses infect less often and try to minimize the
probability of discovery. This viruses infect only occasionally upon satisfying certain
conditions or only files whose lengths fall within a narrow range

Virus infects only occasionally or only files whose lengths fall within a narrow range

, By infecting less often, such viruses try to minimize the probability of being discovered

Polymorphic Viruses - Answer-A code that mutates while keeping the original algorithm
intact

modify their code for each replication to avoid detection

To enable polymorphic code, the virus has to have a polymorphic engine
A well-written polymorphic virus therefore has no parts that stay the same on each
infection

virus consists of three components: the encrypted virus code, the decryptor routine, and
the mutation engine

Metamorphic Viruses - Answer--rewrite themselves completely each time they are to
infect a new executable
-This code can reprogram itself by translating its own code into a temporary
representation and then back to the normal code again


Malware - Answer-Malicious software that damages or disables computer systems and
gives limited or full control of the systems to its creator for theft or fraud.

Includes Trojan horse, Backdoor, Rootkit, Ransomware, Adware, Virus, Worms,
Spyware, Botnet
and Crypter

Malware is developed and used for - Answer-- Attack browsers and track websites
visited
- Affect system performance, making it very slow
- Cause hardware failure, rendering computers inoperable
- Steal personal information, including contacts
- Erase valuable information, resulting in the substantial data losses
- Attack additional computer systems directly from a compromised system
- Spam inboxes with advertising emails

Different Ways a Malware can Get into a System - Answer-- Instant Messenger
Applications
- Portable Hardware Media /Removable Devices
- Browser and Email Software Bugs
- Insecure Patch management
- Rogue/Decoy Applications
- Untrusted Sites and Freeware Web Applications/Software
- Downloading Files from Internet
- Email Attachments
- File Shareing
-Network Propagation

Les avantages d'acheter des résumés chez Stuvia:

Qualité garantie par les avis des clients

Qualité garantie par les avis des clients

Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.

L’achat facile et rapide

L’achat facile et rapide

Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.

Focus sur l’essentiel

Focus sur l’essentiel

Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.

Foire aux questions

Qu'est-ce que j'obtiens en achetant ce document ?

Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.

Garantie de remboursement : comment ça marche ?

Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.

Auprès de qui est-ce que j'achète ce résumé ?

Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur Scholarsstudyguide. Stuvia facilite les paiements au vendeur.

Est-ce que j'aurai un abonnement?

Non, vous n'achetez ce résumé que pour €14,15. Vous n'êtes lié à rien après votre achat.

Peut-on faire confiance à Stuvia ?

4.6 étoiles sur Google & Trustpilot (+1000 avis)

79223 résumés ont été vendus ces 30 derniers jours

Fondée en 2010, la référence pour acheter des résumés depuis déjà 14 ans

Commencez à vendre!

Récemment vu par vous


€14,15
  • (0)
  Ajouter