50+ page Security+ Study Guide
Organized by section from the official list of terms/knowledge needed to pass the test. Simple definitions and explanations. Don't pay crazy prices for a course when all the knowledge you need is right here! Preview of guide and definitions listed below.
Given a scenario, analyze indicators of compromise and determine the type of malware.
- Virus – A computer virus modifies other legitimate host files (or pointers to them) in such a way that when a victim’s file is executed, the virus is also executed.
- Crypto-malware – Essentially the same thing as ransomware; holds all of your data hostage in return for crypto payments.
- Ransomware – Encrypts files on your computer and requests a crypto payment to decrypt them.
- Worm – Self-replicates (spreads without any end-user action)
- Trojan – Pretends to be a legitimate program but performs malicious actions. Ex. fake AV programs (has to be executed by the end user and may be pushed by infected sites).
- Rootkit – Malware that attempts to modify the underlying operating system to take ultimate control and hide from antimalware programs.
- Keylogger – Malware that records keystrokes and can gain access to passwords, etc.
- AdWare – Malicious ads that attempt to expose end users; ex. may redirect searches to dangerous sites.
- SpyWare – Can install keyloggers to find account info, etc. Most likely means there's a root exploit issue.
- Bots – Bots are essentially Trojan/worm combinations that attempt to make individual exploited clients a part of a larger malicious network. Botmasters have one or more “command and control” servers that bot clients check into to receive their updated instructions. Cyber criminals can rent out botnets.
- RAT – Remote Access Trojan – usually installed without end-user’s knowledge
- Logic Bomb – Uploaded on the back end of a computer but has a timer before it starts deleting, stealing, or encrypting data, etc.
- Backdoor – Bypasses normal authentication and usually enables some type of remote access.