100% tevredenheidsgarantie Direct beschikbaar na betaling Zowel online als in PDF Je zit nergens aan vast
logo-home
CEH v10 Malware Threats Exam Questions and Answers All Correct €14,15   In winkelwagen

Tentamen (uitwerkingen)

CEH v10 Malware Threats Exam Questions and Answers All Correct

 7 keer bekeken  0 keer verkocht
  • Vak
  • CEH v10 Malware Threats
  • Instelling
  • CEH V10 Malware Threats

CEH v10 Malware Threats Exam Questions and Answers All Correct Indication of Virus Attack - Answer-1. process take more resources and time 2. computer beeps with no display 3. drive label changes 4. unable to load Operating System 5. constant anti-virus alerts 6. computer freezes frequently...

[Meer zien]

Voorbeeld 4 van de 34  pagina's

  • 12 augustus 2024
  • 34
  • 2024/2025
  • Tentamen (uitwerkingen)
  • Vragen en antwoorden
  • CEH v10 Malware Threats
  • CEH v10 Malware Threats
avatar-seller
CEH v10 Malware Threats Exam Questions
and Answers All Correct

Indication of Virus Attack - Answer-1. process take more resources and time
2. computer beeps with no display
3. drive label changes
4. unable to load Operating System
5. constant anti-virus alerts
6. computer freezes frequently or encounters error such as BSOD
7. files and folders are missing
8. suspicious hard driver activity
9. browser window
freezes"
10. lack of storage space
11. unwanted advertisements and pop-up windows

How a computer gets infected by a virus - Answer--When a user accepts files and
downloads without checking properly for the source
-Opening infected email attachments
Installing pirated software
-Not updating and not installing new versions of plug-ins
-Not running the latest anti-virus application
-Clicking malicious online ads
-Using portable media
-Connecting to untrusted network


System or Boot Sector Viruses - Answer-The most common targets for a virus are the
these, which include the master boot record (MBR) and the DOS boot record system
sectors

MBRs are the most virus-prone zones because if the MBR is corrupted, all data will be
lost. The DOS boot sector also executes during the system booting. This is the crucial
point of attack for viruses.

This virus moves MBR (Master Boot Record) to another location on the hard disk and
copies itself to the original location of the MBR

When the system boots, the virus code is executed first and then control is passed to
original MBR

Virus Removal

,-One way to deal with this virus is to avoid the use of the Windows OS and switch to
Linux or Mac because Windows is more prone to these attacks.
-The other way is to carry out antivirus checks on a periodic basis

File Viruses - Answer-Infects files which are executed or interpreted in the system such
as COM, EXE, SYS, OVL, OBJ, PRG, MNU, and BAT files

File viruses can be either direct-action or memory resident

hides their presence by using stealth techniques to reside in a computer's memory in
the same way as the system sector viruses work. It does not show any increase in file
length while performing directory listing.

If a user attempts to read the file, the virus intercepts the request, and the user gets
back his original file

Multipartite Viruses - Answer-When the virus infects the boot sector, it will, in turn, affect
the system's file and vice versa. This type of virus re-infects a system repeatedly if the
virus is not rooted out entirely from the target machine.

Infect the system boot sector and the executable files at the same time
Some of the examples of multipartite viruses include invade, flip, and tequila

Execute the damage routine - users install antivirus updates and eliminate the virus
threats

How a virus infects a system - Answer-o The virus loads itself into memory and checks
for the executable on the disk.
o The virus appends malicious code to a legitimate program without the permission or
knowledge of user.
o The user is unaware of the replacement and launches the infected program.
o The execution of an infected program also infects other programs in the system.
o The above cycle continues until the user realizes there is an anomaly in the system

Phases of a Virus - Answer-Infection Phase
-o A file virus infects by attaching itself to an executable system application program.
Potential targets for virus infections:
-o Boot sector viruses execute their code in the first place before the target PC is
booted.
Attack Phase
-o Viruses execute upon triggering specific events
-o Some viruses execute and corrupt via built-in bug programs after being stored in the
host's memory.
-o The latest and advanced viruses conceal their presence, attacking only after
thoroughly spreading in the host

,Macro Viruses - Answer-Viruses infect templates or convert infected documents into
template file, while maintaining their appearance of ordinary document files

files are created by Microsoft Word or Excel, written using macro language VBA Visual
Basic of Applications

Cluster Viruses - Answer-Virus infect files without changing the file or planting additional
files. They save the virus code to the hard drive and overwrite the pointer in the
directory entry, directing the disk read point to the virus code instead of the actual
program.

Modify directory table entries so that it points users or system processes to the virus
code instead of the actual program

One copy of the virus on the disk infecting all the programs in the computer system
It will launch itself first when any program on the computer system is started and then
the control is passed to actual program

Stealth Viruses/ Tunneling Viruses - Answer-These viruses try to hide from antivirus
programs by actively altering and corrupting the service call interrupts while running.
These viruses state false information to hide their presence from antivirus programs

Evade the anti-virus software by intercepting its requests to the operating system

This virus can hide by intercepting the anti-virus software's request to read the file and
passing the request to the virus, instead of the OS

Virus Removal
-o Always do a cold boot (boot from write-protected CD or DVD)
-o Never use DOS commands such as FDISK to fix the virus
-o Use anti-virus software

Encryption Viruses - Answer-Also known as a Cryptolocker viruses which penetrate the
target system via freeware, shareware, codecs, fake advertisements, torrents, email
spam, and so on

Uses simple encryption to encipher the code
The virus is encrypted with a different key for each infected file
AV scanner cannot directly detect these types of viruses using signature detection
methods

Sparse Infector Viruses - Answer-viruses infect less often and try to minimize the
probability of discovery. This viruses infect only occasionally upon satisfying certain
conditions or only files whose lengths fall within a narrow range

Virus infects only occasionally or only files whose lengths fall within a narrow range

, By infecting less often, such viruses try to minimize the probability of being discovered

Polymorphic Viruses - Answer-A code that mutates while keeping the original algorithm
intact

modify their code for each replication to avoid detection

To enable polymorphic code, the virus has to have a polymorphic engine
A well-written polymorphic virus therefore has no parts that stay the same on each
infection

virus consists of three components: the encrypted virus code, the decryptor routine, and
the mutation engine

Metamorphic Viruses - Answer--rewrite themselves completely each time they are to
infect a new executable
-This code can reprogram itself by translating its own code into a temporary
representation and then back to the normal code again


Malware - Answer-Malicious software that damages or disables computer systems and
gives limited or full control of the systems to its creator for theft or fraud.

Includes Trojan horse, Backdoor, Rootkit, Ransomware, Adware, Virus, Worms,
Spyware, Botnet
and Crypter

Malware is developed and used for - Answer-- Attack browsers and track websites
visited
- Affect system performance, making it very slow
- Cause hardware failure, rendering computers inoperable
- Steal personal information, including contacts
- Erase valuable information, resulting in the substantial data losses
- Attack additional computer systems directly from a compromised system
- Spam inboxes with advertising emails

Different Ways a Malware can Get into a System - Answer-- Instant Messenger
Applications
- Portable Hardware Media /Removable Devices
- Browser and Email Software Bugs
- Insecure Patch management
- Rogue/Decoy Applications
- Untrusted Sites and Freeware Web Applications/Software
- Downloading Files from Internet
- Email Attachments
- File Shareing
-Network Propagation

Voordelen van het kopen van samenvattingen bij Stuvia op een rij:

√  	Verzekerd van kwaliteit door reviews

√ Verzekerd van kwaliteit door reviews

Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!

Snel en makkelijk kopen

Snel en makkelijk kopen

Je betaalt supersnel en eenmalig met iDeal, Bancontact of creditcard voor de samenvatting. Zonder lidmaatschap.

Focus op de essentie

Focus op de essentie

Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!

Veelgestelde vragen

Wat krijg ik als ik dit document koop?

Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.

Tevredenheidsgarantie: hoe werkt dat?

Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.

Van wie koop ik deze samenvatting?

Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper Scholarsstudyguide. Stuvia faciliteert de betaling aan de verkoper.

Zit ik meteen vast aan een abonnement?

Nee, je koopt alleen deze samenvatting voor €14,15. Je zit daarna nergens aan vast.

Is Stuvia te vertrouwen?

4,6 sterren op Google & Trustpilot (+1000 reviews)

Afgelopen 30 dagen zijn er 79223 samenvattingen verkocht

Opgericht in 2010, al 14 jaar dé plek om samenvattingen te kopen

Start met verkopen
€14,15
  • (0)
  Kopen