What are three broad mechanisms that malware can use to propagate?
What are four broad categories of payloads that malware may carry?
What are typical phases of operation of a virus or worm?
What mechanisms can a virus use to conceal itself?
What is the difference between machine-executable and macro viruses?
What means can a worm use to access remote systems to propagate?
What is a drive-by-download and how does it differ from a worm?
What is a logic bomb ?
Differentiate among the following: a backdoor, a bot, a keylogger, spyware, and a rootkit? Can they all be present in the same malware?
List some of the different levels in a system that a rootkit may use.
Describe some malware countermeasure elements.
List three places malware mitigation mechanisms may be located.
Briefly describe the four generations of antivirus software.
How does behavior-blocking software work?
What is a distributed denial-of-service system?
Sample Solution