What is the difference between a virus and a worm?
Viruses need to attach themselves to an executable, worms do not.

What do viruses and worms have in common?

What is one reason you shouldn't leave backup drives connected to your computer?
If malware infects your computer, it could infect the backups too.

What are the seven steps in CompTIA's best-practice procedure for malware removal?

What is the principal means of quarantining a system?
Disconnect from the network

Why might you not want to restore from a backup to get rid of malware?
The backups could be infected.

Should you use System Restore (or File History) to recover after a malware infection?
No, you should probably delete all old backups, as the malware could have infected them. Alternatively you could scan them with A-V software to determine if they are infected.

How can you use antivirus software if the computer is non-functional due to malware?
Put the disk in a new system and use the A-V software there.

What is the main tool for removing viruses?

What are three ways to run commands in a "clean" environment, if a computer is infected?
Boot into Safe Mode
Use WinRE
Remove hard drive and put it in a different machine

What is the recovery console?
A precursor to WinRE, used in Windows 2000 and Windows XP

If antivirus software isn't working, besides trying to run A-V software on a different system, what is a last ditch effort to eradicate malware?
Completely wipe and restore the OS and files.

What is on-access scanning?
A-V software intercepts before a file is opened, to scan it for malware.

In Windows, what command can be used to flush the local DNS cache?

When re-securing a system after infection, why should you check your DNS configurations?
Because there could be false address resolution entries, as part of a DNS pharming attack.

What is the HOSTS file? What is the path to the HOSTS file in Windows, and what is the path in Linux?
It is a file containing DNS mappings, that are loaded into the DNS cache.
Windows path: %SYSTEMROOT%\System32\drivers\etc\hosts
Linux path: /etc/hosts

In Windows, where is the priority order for DNS resolution set?
HKLM→SYSTEM→CurrentControlSet→Services→Tcpip→ServiceProvider

What command in Windows can you use to find what DNS resolvers are set as primary and secondary?

What are two trusted DNS servers often used?
Google's public DNS servers
Quad9

What are the 6 steps to re-secure DNS configuration after a malware infection?

After a malware infection, before reenabling System Restore, besides scheduling automatic updates and scans, what are two things you should check?
DNS configuration
Host firewall configuration

How can you keep spam from getting to users' inboxes?
Configure filtering on the messaging server.

Where can you create a backup from Windows Settings?
Settings > Update and Security > Backup tab on lefthand side

A Windows program for execution control on domains

What is AutoPlay, in Windows?
Basically the same thing as AutoRun.

Where can you configure AutoPlay in Windows 10?
Settings > Devices > AutoPlay tab on lefthand side

What are four symptoms that may indicate malware infection?
Performance problems
Application crashes - particularly security applications
File system errors, permission changes
Event viewer shows many security audit failures

How can you tell if a site's certificate is valid and trusted?
A padlock icon to the left of the URL

What does it mean if the URL of a site is colored green?
It means its certificate is highly trusted.

What could it mean if you receive a bunch of emails saying "failed to send" or a bunch of automated replies from unknown people?
It could be that malware is sending emails from your PC, or at least spoofing your address.

Is hardware or software based network security system that is able to detect and block sophisticated attacks by filtering network traffic dependent on the packet contents?
A firewall is a security device — computer hardware or software — that can help protect your network by filtering traffic and blocking outsiders from gaining unauthorized access to the private data on your computer.

Which type of attacker hacks computers or websites in an attempt to promote a political ideology?
A hacktivist is a hacker activist, someone who attacks computer systems for political reasons.