Chapter 40 Β· Quiz

Malware Overview Quiz

Seven questions covering malware types, infection vectors, ransomware behavior, and foundational defenses.

Q1. Which of the following BEST defines the term "malware"?
Q2. A user's workstation has been infected with ransomware. The user reports that they can still browse the internet and use applications, but all of their work documents have unfamiliar file extensions and cannot be opened. Which of the following BEST explains why the operating system remains functional?
Q3. A security analyst discovers that a malware infection on a workstation began while the user was visiting a legitimate industry news website. The user did not click any links or download any files. Which infection vector BEST explains this incident?
Q4. An organization's security team discovers that a ransomware infection began with a worm that exploited an unpatched network vulnerability, established a remote access backdoor on multiple systems, ran a keylogger for four days, and then deployed ransomware across all compromised hosts simultaneously. Which of the following BEST describes this type of attack?
Q5. An organization's files have been encrypted by ransomware. Which of the following represents the MOST effective recovery strategy?
Q6. Why is it important to keep antivirus signature files current on a daily basis?
Q7. Match each malware type to its defining characteristic.

Click each term on the left, then click its match on the right.
Match each item on the left with its correct characteristic on the right:
Logic Bomb
Rootkit
Trojan Horse
Keylogger
A. Records every keystroke and transmits credentials to the attacker
B. Disguised as legitimate software; executes malicious payload when the user installs it
C. Dormant code that triggers on a specific condition such as a date or deleted account
D. Gains administrator-level control while hiding its presence from the OS and security tools
Click an item on the left to select it, then click its match on the right.