| < Free Open Study > |
|
As stated throughout this book, these Test Tips are useful tools that you should skim over just before you take the exam. Use them as a final cram for the exam.
A virus will replicate itself until it uses up all available system resources such as memory or hard drive space.
Spyware is a program or piece of software that resides hidden on a system that monitors and logs the systems or another systems activities.
A worm is a type of virus that can replicate itself. However, worms do not attach to other programs.
Worms and viruses duplicate themselves, Trojans do not.
Malware is shorthand for malicious code. It is something that produces unwanted, unexpected results. It is a virus, Trojan horse, or worm.
System or boot infectors are older viruses that damage system files such as hard drives, the Master Boot Record (MBR), or the boot sector on a floppy disk.
Variants are new viruses or virus strains that sometimes modify the code of existing well-known viruses.
Most macro-type viruses are designed to insert numbers, characters, words, or phrases into documents or spreadsheets.
Viruses that are in the wild exist outside of controller virus research labs. Viruses that exist in these labs are known to be Zoo viruses.
The actual action that a virus carries out is called the virus’s payload.
A virus threat or risk rating is a calculated value that represents the possible level of severity or threat of a specific virus.
Most Trojan horses are hidden in Internet attachments that are often times distributed with e-mail and in the form of jokes, love letters, and misguiding advertisements.
A logic bomb can be a computer virus or Trojan horse that activates when certain conditions are met.
Blended threats typically will spread automatically by continuously scanning the Internet for Web servers with open or vulnerable TCP/IP ports. They also plant Trojans and logic bombs, as well as change permissions and utilize internal network mapped drives to spread.
A virus with stealth characteristics will hide itself and send bogus responses back to an antiviral software package scan, in order to avoid detection.
A polymorphic virus is a virus that possesses the ability to change its own internal code and byte structure as it is being duplicated.
The Backdoor.Subseven virus and its known variants—Backdoor.SubSeven.1_7, Backdoor-G, Backdoor.Trojan, and Sub7—are most commonly distributed through e-mail attachments and instant messaging file and program transfers.
NetBus is a remote administration Trojan horse type program that is similar to Back Orifice and Backdoor.Subseven, which must first be executed on a system by a user in order to be installed.
ILOVEYOU is a self-propagating worm that is included as an e-mail attachment to an e-mail titled, “ILOVEYOU.”
The Melissa (W97M.Melissa.A) virus is a macro virus that spreads very quickly when its payload is released or executed.
The Back Orifice Trojan horse is a program that is similar in nature to NetBus. It allows remote access to a computer system after a server application program has been executed on the remote or targeted computer system.
The Chernobyl virus, also named W98.CIH or just CIH, is an older space filler virus that targets earlier versions of operating systems such as Microsoft Windows 95 and Windows 98.
W32.Nimda.A@mm is a mass-mailing worm that targets the weaknesses of vulnerable, unpatched Microsoft IIS (Internet Information Server) Web servers.
W32.Klez.A@mm is a mass-mailing e-mail worm threat that exploits known weaknesses associated with Microsoft Outlook Express and Microsoft Outlook. (Remember what the “mm” means?)
If the Guest account is enabled in Microsoft Windows, it can be used to access shared resources without entering a password for authentication. This is a major security risk.
Root is the name of the administrative user account in UNIX and Linux.
| < Free Open Study > |
|