Exam Objectives 2.4
Given a scenario, analyze indicators of malicious activity.
- Malware attacks: Malicious software attack
  - Ransomware: Attacker demands payment for decryption
  - Trojans: Unauthorized system access, unexpected system changes
  - Worms: Rapid network congestion, unusual traffic patterns
  - Spyware: Unexplained data exfiltration, suspicious process activity
  - Bloatware: Excessive resource consumption, slowed system performance
  - Viruses: Infected files or software, replication in files and memory
  - Keyloggers: Keystroke logging, unusual data transfer
  - Logic bombs: Specific trigger events, sudden system crashes
  - Rootkits: Hidden processes, unauthorized access
- Physical attacks:
  - Brute force: Repeated login attempts, account lockouts
  - RFID cloning: Unauthorized RFID tag usage, duplication
  - Environmental: Physical damage, tampering with hardware
- Network attacks:
  - DDoS attacks: Service unavailability
    - Amplified DDoS: Magnifying attack traffic for greater disruption
    - Reflected DDoS: Redirecting and...