Using suitable examples, differentiate between the launch and evade actions of malware. Your answer must give the types of malware as examples and use the examples to show the difference between the two actions.
A. Transport protocol ,User Datagram Protocol (UDP),Transmission Control Protocol (TCP)
B. Authentication and authorisation, Combined,Separate
Step By Step Answers with Explanation
Malware launch actions refer to the initial execution or activation of the malicious code on a victim's system. These actions are the first step in the malware's attack lifecycle. Here are some examples of malware types that demonstrate launch actions:
Malware evade actions involve techniques employed by malicious software to avoid detection, analysis, or removal by security mechanisms. These actions occur after the malware has successfully infiltrated a system. Here are examples of malware types that demonstrate evade actions:
1. Rootkits: Rootkits are malware that gain elevated privileges on a system and modify the operating system to hide their presence. They often manipulate system calls and system files to evade detection. "Sony BMG Rootkit" is an infamous example used in DRM software.
In summary, while launch actions are about getting a foothold and executing malicious code, evade actions are about maintaining that foothold and operating stealthily to accomplish the malware's objectives. Understanding these distinctions is crucial for cybersecurity professionals in detecting, mitigating, and preventing malware threats.
Q.1.4: Comparing RADIUS and TACACS+
B. Authentication and authorization Combined Separate
C. Communication Unencrypted Encrypted
B. Authentication and Authorization:
RADIUS: RADIUS combines authentication and authorization. When a user tries to access a network resource, the RADIUS server both authenticates the user's credentials and authorizes their access based on predefined policies.
In summary, RADIUS and TACACS+ are both authentication and authorization protocols commonly used in network security, but they differ in several key aspects:
Transport Protocol: RADIUS uses UDP, while TACACS+ uses TCP, which provides a more reliable communication channel.