Terminology
A virus that is protected in a way that makes disassembling it difficult. The difficulty makes it “__________” against antivirus programs that have
trouble getting to, and understanding, its code.
Armored virus
Protocol used to map known IP addresses
to unknown physical addresses.
Address Resolution Protocol
ARP
Address Resolution Protocol
Any application that masquerades as one thing in order to get past scrutiny and then does something malicious
Trojan horse
Software that does harm—intentionally
Malware
Software that gathers information to pass on to marketers or that intercepts personal data such as credit card numbers and makes it available to third
parties
Adware
Minimizing the possibility of exploitation by
reducing the amount of code and limiting potential damage
Attack surface reduction
ASR
Attack surface reduction
Software programs that work—often actively—on behalf of a third party.
Spyware
Takes control of a system and demands that a third party be paid.
Ransomware
Any unauthorized intrusion into the normal operations of a computer or computer network.
Attack
A form of web-based attack in which unauthorized commands are sent from a user that a website trusts
Cross-site request forgery
XSRF
Cross-site request forgery
Software that demands payment before restoring the data or system infected.
Ransomware
Can do various roguish things once it is on a system, but its primary purpose is to replicate.
Worm
An opening left in a program application (usually by the developer) that allows additional access to data. Typically, a ___________ is created for debugging
purposes and is not documented
Backdoor
A type of attack that prevents any users—even legitimate ones—from using a system.
Denial-of-service
XSS
Cross-site scripting
An attribute of some viruses that allows them to mutate and appear differently each time they crop up
Polymorphic
Software programs that have the ability to hide certain things from the operating system.
Rootkits
Running a script routine on a user’s machine from a
website without their permission.
Cross-site scripting (XSS)
A derivative of a DoS attack in which
multiple hosts in multiple locations all focus on one target to reduce its availability to the public
Distributed denial-of-service
DDoS
Distributed denial-of-service
Any code that is hidden within an application and causes something unexpected to happen based on some criteria being met
Logic bomb
Software running on infected computers called zombies is often known as a _______
Bots
A permission method in which users are granted only the privileges necessary to perform their job function.
Least privilege
Any code that is meant to do harm.
Malicious code
DNS
Domain Name System
An attack that begins the very day an exploit is discovered
Zero-day exploit
One that, as the name implies, allows a
remote user to access the system for the purpose of administering it.
RAT A remote administration tool (RAT)
Any code that is hidden within an application and causes something unexpected to happen based on some criteria being met
Logic bomb
A program intended to damage a computer system.
Virus
MITM
Man-in-the-middle
Attaches itself to legitimate programs and then
creates a program with a different filename extension
Companion Virus
Name a reason attackers initiate an attack
They might be doing it for the sheer fun of it.
They might be criminals attempting to steal from you.
They might be individuals or groups who are using the attack to make a political statement or commit an act of terrorism.