Security+ Objectives 1.1
Dec 31, 2020
Given a scenario, analyze indicators of compromise and determine the type of malware
- Viruses — Malicious code that attaches itself to a host application. The virus cannot run on its own: the malicious code executes only when the host application is executed.
- Crypto-malware — A type of ransomware that encrypts the user’s data.
- Ransomware — A type of malware used to extort money from individuals and organizations. Ransomware typically encrypts the user’s data and demands a ransom before decrypting the data.
- Worm — Self-replicating malware that travels through a network. Worms do not need user interaction to execute.
- Trojan — Malware also known as a Trojan horse. A Trojan often looks useful, but is malicious.
- Rootkit — A type of malware that has system-level access to a computer. Rootkits are often able to hide themselves from users and antivirus software.
- Keylogger — Software or hardware used to capture a user’s keystrokes. Keystrokes are stored in a file and can be manually retrieved or automatically sent to an attacker.
- Adware — Advertising-supported software. It displays unwanted advertisements on your computer. It can be a malicious attack presented as an advertisement.
- Spyware — Software installed on users’ systems without their awareness or consent. Its purpose is often to monitor the user’s computer and the user’s activity.
- Bots — Software robots that function automatically.
- Botnet — A group of computers that are joined together. Attackers often use malware to join computers to a botnet, and then use the botnet to launch attacks.
- RAT — Remote access Trojan. Malware that allows an attacker to take control of a system from a remote location.
- Logic Bomb — A type of malware that executes in response to an event. The event might be a specific date or time, or a user action such as when a user launches a specific program.
- Backdoor — An alternate method of accessing a system. Malware often adds a backdoor into a system after it infects it.