Section 12.5 Malware Protection – Flashcards

Which of the following actions adds new features and fixes bugs for anti-malware software? a. Updating the anti-malware engine b. Quarantining infected files and systems c. Remediating unhealthy computers d. Downloading signature files automatically

Which type of malicious activity can be described as numerous unwanted and unsolicited email messages sent to a wide range of victims? a. Hijacking b. Brute force c. Spamming d. Trojan horse

To tightly control the anti-malware settings on your computer, you elect to update the signature file manually. Even though you vigilantly update the signature file, the machine becomes infected with a new type of malware. Which of the following actions would best prevent this scenario from occurring again? a. Configure the software to automatically download the virus definition files as soon as they become available. b. Carefully review open firewall ports and close any unneeded ports c. Create a scheduled task to run sfc.exe daily d. Switch to a more reliable anti-virus software

Which of the following could easily result in a mailbox being full so that messages can't be received? a. Impersonation b. Social engineering c. Spam d. Phishing

What is the key characteristic of a worm? a. A worm can replicate itself and spread to other systems b. It is a malicious program that is disguised as legit software. c. It monitors the actions you take on your machine and sends the info back to its originating source. d. It is malware that lies dormant until triggered.

You have a computer that runs Windows 7. Where would you go to check if the system can recognize and use any installed anti-virus software? a. Network and Sharing Center b. Windows Firewall c. Windows Update d. Security Center

A user reports that his machine will no longer boot properly. After asking several questions to determine the problem, you suspect the user unknowingly downloaded malware from the Internet, and that the malware corrupted the boot block. Based on your suspicions , what actions could you take to correct the problem? (select two) a. Have the user to attend an internal Internet safety training course b. Run sfc.exe c. Boot from the Windows 7 installation DVD and use the Recovery Environment to run a startup repair d. Reimage the machine

You've just received an e-mail message that indicates a new serious malicious code threat is ravaging across the Internet. The message contains detailed information about the threat, its source code, and the damage it can inflict. The message states that you can easily detect whether or not you have already been a victim of this threat by the presence of the three files in WindowsSystem32 folder. As a countermeasure, the message suggests that you delete these three files from your system to prevent further spread of the threat. What should your first action based on this message be? a. Perform a complete system backup. b. Verify the information on well-known malicious code threat management web sites c. Distribute the message to everyone in your address book. d. Reboot the system. e. Delete the indicated files if present

You discover that a system on your network has been infected with a worm. What is the best way to prevent the spread of the worm to other systems while you work on removing the worm? a. Update the virus definition files on all computers b. Quarantine the computer c. Run a system scan on other computers d. Close the firewall ports that the worm uses

What is a cookie? a. A file saved on your HDD that tracks web site preferences and use b. A malicious program that disguises itself as a useful program c. A malicious program that runs when you read an email attachment d. An executable file that runs in the background and tracks internet use

Which of the following is the process of fixing problems detected by anti-virus software so that the computer is restored to its original state? a. Remediation b. Isolation c. Quarantine d. Scanning

You have installed anti-malware software on a computer that only you use. You want to protect the computer from files that you download from the Internet. What should you do next time to make sure that there aren't any existing files on your system that are infected? a. Update the anti-malware engine software b. Quarantine your computer c. Run a full scan d. Download the latest definition files

If your anti-virus software does not detect and remove a virus, what should you try first? a. Update your virus detection software b. Scan the computer using another virus detection program. c. Set the read-only attribute of the file you believe to be infected. d. Search for and delete the file you believe to be infected

Your anti-virus software has detected malware on your system. However, the anti-virus software is unable to remove it, and when you try to delete the files, you can't because they are in use. What should you try first? a. Restore or reinstall the operating system b. Run Sfc.exe c. Boot into Safe Mode and try removing the malware d. Update the anti-virus definition files

What are the most common means of virus distribution? (select two) a. Email b. Commercial software CDs c. Floppy disks d. Downloading music files from the internet e. Malicious web sites

After installing some software a few days ago, your DVD drive tray randomly began to open and close. Today, you were called into your boss's office to discuss why you are calling 900 numbers while at work. Which type of malware would create these symptoms? a. Grayware b. Spyware c. Trojan horse d. Adware

While browsing the Internet, you notice that the browser display pop-ups that are targeted towards recent keyboard searches you have performed. What is this an example of? a. Trojan horse b. Worm c. Grayware d. Adware

What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found? a. Password attack b. Buffer overflow c. Trojan horse d. Virus