click below
click below
Normal Size Small Size show me how
Security+ Chap 2
Chapter 2 Malware and Social Engineering Attacks
Question | Answer |
---|---|
A software program that delivers advertising content in a manner that is unexpected and unwanted by the user. | Adware |
Software code that gives access to a program or a service that circumvents normal security protections. | Backdoor |
A logical computer network of zombies under the control of an attacker. | Botnet |
A malicious computer code that, like its biological counterpart, reproduces itself on the same computer. | Computer virus (virus) |
The act of digging through trash receptacles to find information that can be useful in an attack. | Dumpster diving |
A false warning. | Hoax |
An attack that creates a fictitious character and then plays out the role of that person on a victim. | Impersonation |
Captures and stores each keystroke that a user types on the computer's keyboard. | Keylogger |
Computer code that lies dormant until it is triggered by a specific logical event. | Logic bomb |
Software that enters a computer system without the user's knowledge or consent and then performs an unwanted -- and usually harmful -- action. | Malware |
A phishing attack that automatically redirects the user to a fake site. | Pharming |
Sending an e-mail or displaying a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information. | Phishing |
A set of software tools used by an attacker to hide the actions or presence of other types of malicious software. | Rootkit |
Watching an authorized user enter a security code on a keypad. | Shoulder surfing |
A means of gathering information for an attack by relying on the weaknesses of individuals. | Social engineering |
Unsolicited e-mail. | Spam |
A phishing attack that targets only specific users. | Spear phishing |
A malicious computer code that, like its biological counterpart, reproduces itself on the same computer. | Computer virus (virus) |
The act of digging through trash receptacles to find information that can be useful in an attack. | Dumpster diving |
A phishing attack that uses a telephone call instead of using e-mail. | Vishing |
An attack that creates a fictitious character and then plays out the role of that person on a victim. | Impersonation |
A phishing attack that targets only wealthy individuals. | Whaling |
Captures and stores each keystroke that a user types on the computer's keyboard. | Keylogger |
Horizontally separating words so that they can still be read by the human eye. | Word splitting |
Computer code that lies dormant until it is triggered by a specific logical event. | Logic bomb |
Software that enters a computer system without the user's knowledge or consent and then performs an unwanted -- and usually harmful -- action. | Malware |
A phishing attack that automatically redirects the user to a fake site. | Pharming |
Sending an e-mail or displaying a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information. | Phishing |
A set of software tools used by an attacker to hide the actions or presence of other types of malicious software. | Rootkit |
Watching an authorized user enter a security code on a keypad. | Shoulder surfing |
A means of gathering information for an attack by relying on the weaknesses of individuals. | Social engineering |
Unsolicited e-mail. | Spam |
A phishing attack that targets only specific users. | Spear phishing |
A variation of spam, which targets instant messaging users instead of e-mail users. | Spim |
A general term used to describe software that spies on users by gathering information without consent, thus violating their privacy. | Spyware |
The act of unauthorized individuals entering a restricted-access building by following an authorized user. | Tailgating |
An executable program advertised as performing one activity, but actually does something else (or it may perform both the advertised and malicious activities). | Trojan horse (Trojan) |
A phishing attack that uses a telephone call instead of using e-mail. | Vishing |
A phishing attack that targets only wealthy individuals. | Whaling |
A malicious program designed to take advantage of a vulnerability in an application or an operating system in order to enter a computer and then self-replicate to other computers. | Worm |