Week 10 discussion

profileMask20
Assignment_NetworkSecurity.docx

Do the following review questions:

· 10.1 What are three broad mechanisms that malware can use to propagate?

· 10.2 What are four broad categories of payloads that malware may carry?

· 10.3 What are typical phases of operation of a virus or worm?

· 10.4 What mechanisms can a virus use to conceal itself?

· 10.5 What is the difference between machine-executable and macro viruses?

· 10.6 What means can a worm use to access remote systems to propagate?

· 10.7 What is a “drive-by-download” and how does it differ from a worm?

· 10.8 What is a “logic bomb”?

· 10.9 Differentiate among the following: a backdoor, a bot, a keylogger, spyware, and a rootkit? Can they all be present in the same malware?

· 10.10 List some of the different levels in a system that a rootkit may use.

· 10.11 Describe some malware countermeasure elements.

· 10.12 List three places malware mitigation mechanisms may be located.

· 10.13 Briefly describe the four generations of antivirus software.

· 10.14 How does behavior-blocking software work?

· 10.15 What is a distributed denial-of-service system?