2.0 Security

2.2 Compare and contrast common security threats.

  • Social engineering
  • Social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and the process of using or manipulating people to gain access to unauthorized resources.

  • Malware
  • Malware, short for malicious software, is software used or created to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. Some malware products are completely hidden, while others have a dual role, providing some functionality as well as performing covert actions.'Malware' is a general term used to refer to a variety of forms of hostile, intrusive, or annoying software.

  • Rootkits
  • The term rootkit is used to describe the mechanisms and techniques whereby malware, including viruses, spyware, and trojans, attempt to hide their presence from spyware blockers, antivirus, and system management utilities. There are several rootkit classifications depending on whether the malware survives reboot and whether it executes in user mode or kernel mode.

  • Phishing
  • Phishing is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information.

  • Shoulder surfing
  • Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it's relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand.

  • Spyware
  • Spyware is a software designed to monitor user activity for advertising purposes. Spyware is similar to a Trojan horse as it is typically bundled as a hidden component of freeware or shareware programs. Spyware can gather e-mail addresses, passwords, or banking information and transmit information in the background to another party. They have the ability to monitor keystrokes, scan files, install other spyware programs, read cookies, or change the default home page on the Web browser and can lead to system crashes or general system instability.

  • Viruses
  • Viruses are computer programs, usually short pieces of code, that can be spread to other computers through downloaded material, email attachments, or redirected web pages. Many are capable of reproduction, making the removal of these annoyances often quite difficult, and even more are introduced daily. The presence of a virus may often be indicated by browser redirects, unwanted pop-ups, sluggish performance, or even system crashes.

    • Worms
    • A worm is a malicious program, similar to a virus, except for the manner in which it's spread. A worm duplicates itself, unlike a virus which attempts to infect other files.

      The most common type of worm is the email worm. Email worms do not infect other files as do viruses, but spread by sending copies of themselves to any email addresses found on the infected system, and in turn, any of the recipient systems that become infected will also spread copies of the worm to any email addresses on their system. Email worms can spread globally within moments by using this simple tactic.

    • Trojans
    • A trojan, or trojan horse virus, is malware that is often transferred through what appears to be a legitimate e-mail or update and will produce a variety of effects. Some are simply a nuisance and do mischief like changing your desktop icons or changing other visual features. Other trojans are designed to destroy computer files, folders and programs. Trojans may also create backdoors allowing access to personal and confidential data. Unlike a worm, trojans do not replicate.


Exam Cram CompTIA A+ 220-801 Sixth Edition Study Guide   Mike Meyers All-In-One CompTIA A+ 220-801 Study Guide