Malware (viruses, worms, Trojans, etc) MCQs

Computer viruses aim to replicate and attach themselves to other files, spreading throughout a system or to other systems.

Trojans disguise themselves as legitimate files or programs but contain malicious code that performs unauthorized actions.

Worms are self-replicating and spread across networks without requiring user interaction.

Ransomware encrypts files and demands a ransom for their decryption key.

Rootkits are designed to conceal the presence of unauthorized access or malicious software on a system.

Spyware is designed to observe and collect user information without their knowledge or consent.

Adware primarily aims to display unwanted advertisements to users.

A logic bomb requires specific conditions or actions to activate, unlike viruses or worms that can spread independently.

DDoS attacks aim to overload a server with traffic, rendering it unavailable to legitimate users.

Fileless malware resides in system memory without leaving a traditional file footprint, making it challenging to detect.

Rogue antivirus malware pretends to be a legitimate antivirus program but is actually malicious.

Phishing attacks often involve impersonating a trusted entity to trick users into revealing sensitive information.

A backdoor is designed to provide unauthorized access to a system while remaining hidden from normal security measures.

Keyloggers are malware that capture and transmit sensitive data, including keystrokes, to malicious actors.

Polymorphic viruses change their code to evade detection by antivirus programs.

A destroyer virus is designed to modify or destroy data on a targeted system.

A sandbox is used to test and isolate potentially malicious code in a controlled environment.

In a man-in-the-middle attack, the attacker intercepts and alters communication between two parties without their knowledge.

Tunneling involves routing an attack through multiple intermediate systems to disguise its origin.

Spear-phishing attacks target specific individuals or organizations with personalized and deceptive messages.

Ransomware attacks encrypt files and demand payment for their release.

Trojans require user interaction to activate and perform malicious actions.

Botnets involve multiple compromised computers controlled by a centralized entity for coordinated attacks.

A zero-day exploit targets undisclosed and unpatched vulnerabilities, making it challenging to defend against.

Privilege escalation involves increasing the level of access on a compromised system, providing greater control to the attacker.

Hacking involves the unauthorized access and use of another user's account or system resources.

Honeypots are used to test and lure potential attackers, allowing organizations to study their methods.

DDoS (Distributed Denial of Service) attacks flood a network or server with excessive traffic to disrupt normal functioning.

A buffer overflow vulnerability involves exploiting excessive data input to overwrite adjacent memory, potentially leading to unauthorized access.

Encryption involves converting information into a code that can only be deciphered by authorized parties.

Signature-based detection identifies malware based on known patterns or signatures.

Phishing involves tricking individuals into revealing sensitive information by pretending to be a trustworthy entity.

Social engineering attacks aim to exploit human psychology to manipulate individuals into revealing sensitive information or taking specific actions.

Authentication is the process of verifying the identity of a user, system, or application.

Firewalls are used to control and filter incoming and outgoing network traffic to prevent unauthorized access.

A logic bomb activates under specific conditions to cause harm, such as deleting or modifying data.

Heuristic-based detection analyzes the behavior and characteristics of unknown files to identify potential threats.

SQL injection involves the unauthorized access and manipulation of data stored on a website by injecting malicious SQL code.

Hybrid malware attacks combine characteristics of different types of malware, making them more sophisticated and versatile.

Network segmentation involves dividing a network into segments to enhance security by isolating different parts of the network.

Rootkits gain unauthorized access by concealing themselves within the system's operating system.

An intrusion detection system (IDS) monitors and identifies suspicious activity on a network to alert administrators of potential security threats.

Hacking involves exploiting software vulnerabilities to gain unauthorized access or control over a system.

A VPN (Virtual Private Network) establishes a secure and private connection over the internet, enhancing privacy and security.

A dropper's main purpose is to deliver and install other malicious payloads onto a system.

Polymorphic viruses change their code to evade detection by antivirus software.

Spyware is designed to capture and transmit sensitive information, often including login credentials.

A logic bomb is a type of malicious code that activates upon a specific event or condition.

Macro viruses spread through email attachments or links, often using macros in documents.

Fileless malware attacks operate in the system's memory, leaving no traditional traces on the hard drive.