Chapter 50 Β· Quiz

Malicious Code Quiz

6 multiple-choice questions and a matching section. Submit to reveal answers and explanations.

Question 1 of 6
Which vulnerability did WannaCry ransomware exploit to spread autonomously across networks without any user interaction?
Question 2 of 6
What made the British Airways cross-site scripting attack particularly efficient in terms of the ratio of attack effort to victim impact?
Question 3 of 6
How does a worm fundamentally differ from a traditional virus in its propagation behavior?
Question 4 of 6
Which type of malicious code disguises itself as a legitimate, useful application to trick users into installing it, while concealing its malicious payload β€” and does NOT self-replicate?
Question 5 of 6
What defense specifically and directly addresses the SMBv1 vulnerability used by WannaCry β€” and what does the WannaCry timeline reveal about the value of this defense?
Question 6 of 6
What property of fileless malware makes it particularly difficult for traditional signature-based anti-malware tools to detect?
Matching β€” Malicious Code Types
Match each term on the left to its correct description on the right.
1. Ransomware
2. Trojan Horse
3. SQL Injection
4. Cross-Site Scripting (XSS)
A. Malicious script injected into web page content that executes in other users' browsers; used to steal session cookies, credentials, or payment card data as users interact with the compromised site
B. Malicious code disguised as legitimate, useful software; user installs it voluntarily believing it is benign; hidden payload activates after installation; does not self-replicate
C. Malware that encrypts victim files and demands payment for the decryption key; delivery mechanism varies; defines its payload (extortion) rather than propagation method
D. Attack where malicious code is injected into database queries through unsanitized user input; allows unauthorized reading, modification, or deletion of database contents; prevented by parameterized queries