
Mary Jane F. Motol
BSI/T-3B

1. What is Privilege Escalation?

• Privilege escalation is the act of exploiting a bug, design flaw or configuration
oversight in an operating system, software application or web application, which
allows the user to access information, features or functionality that they are not
entitled to in their role.

2. Types of Privilege Escalation

• Vertical Privilege Escalation - occurs when a user can access resources, features or
functionalities related to more privileged accounts.
• Horizontal Privilege Escalation - occurs when a user has the ability to access the
resources, features or functionalities of accounts having similar privileges.
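
The two types above correspond to two separate authorization checks: one on the caller's role and one on who owns the resource. The following is an added example, not part of the original answer sheet; the role names, the role hierarchy and the sample requests are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed role hierarchy (assumption): a higher number means more privilege.
ROLE_LEVEL = {"customer": 1, "support": 2, "admin": 3}

@dataclass(frozen=True)
class User:
    name: str
    role: str

@dataclass(frozen=True)
class Request:
    action: str
    min_role: str                 # least-privileged role entitled to the action
    owner: Optional[str] = None   # account owning the resource, None if not per-account

def authorize(user: User, req: Request) -> str:
    """Return 'allow', 'deny:vertical' or 'deny:horizontal'."""
    have, need = ROLE_LEVEL[user.role], ROLE_LEVEL[req.min_role]
    # Vertical: the action belongs to a more privileged role than the caller's.
    if have < need:
        return "deny:vertical"
    # Horizontal: the role is sufficient, but the resource belongs to another
    # account with the same privileges. Checking the role alone misses this.
    if req.owner is not None and req.owner != user.name and have == need:
        return "deny:horizontal"
    return "allow"

def review(user: User, requests: list) -> dict:
    """Map each requested action to its decision, e.g. for an audit log."""
    return {r.action: authorize(user, r) for r in requests}

# Constructed sample requests made by one customer account.
ALICE = User("alice", "customer")
SAMPLE = [
    Request("view_own_invoice", "customer", owner="alice"),
    Request("view_bob_invoice", "customer", owner="bob"),
    Request("delete_user", "admin"),
    Request("list_products", "customer"),
]

if __name__ == "__main__":
    for action, decision in review(ALICE, SAMPLE).items():
        print(f"{action:18} {decision}")
```

In this model an account with a strictly higher role than the action requires may act on other accounts' resources; that is a design assumption of the example.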

3. What is a keylogger?
• Keylogging, done with a keylogger, is the act of recording which keys a user presses on their keyboard.

4. Types of keystroke loggers

• Hardware keyloggers - are physical devices that plug directly into a
computer in order to record the keys that are pressed on that computer’s keyboard.
• Software keyloggers - are applications that are installed on a computer or mobile
device.

5. What is spyware?
• Spyware is a term used to describe a program designed to secretly gather information
about a user’s activity. Spyware programs are often used to track users’
habits in order to better target them with advertisements. Spyware is usually installed on a
user’s machine without their knowledge when a link is followed (intentionally or
unintentionally) that redirects the user to a malicious website.

6. What is a rootkit?
• A rootkit is a program or, more often, a collection of software tools that gives a
threat actor remote access to and control over a computer or other system. While
there have been legitimate uses for this type of software, such as to provide
remote end-user support, most rootkits open a backdoor on victim systems to
introduce malicious software, such as viruses, ransomware, keylogger programs
or other types of malware, or to use the system for further network security
attacks. Rootkits often attempt to prevent detection of malicious software by
endpoint antivirus software.

7. Types of rootkits
• Application Level Rootkits: Application level rootkits operate inside the victim
computer by replacing standard application files with rootkit files, or by changing the
behavior of present applications with patches, injected code etc.
• Kernel Level Rootkits: The kernel is the core of the operating system, and kernel
level rootkits are created by adding additional code or replacing portions of the
core operating system with modified code via device drivers (in Windows) or
Loadable Kernel Modules (Linux). Kernel level rootkits can have a serious
effect on the stability of the system if the kit’s code contains bugs. Kernel rootkits
are difficult to detect because they have the same privileges as the operating
system, and therefore they can intercept or subvert operating system operations.
• Hardware/Firmware Rootkits: Hardware/firmware rootkits hide themselves in hardware
such as a network card, system BIOS etc.
• Hypervisor (Virtualized) Level Rootkits: Hypervisor (virtualized) level rootkits
are created by exploiting hardware features such as Intel VT or AMD-V
(hardware-assisted virtualization technologies). Hypervisor level rootkits host
the target operating system as a virtual machine and therefore they can intercept
all hardware calls made by the target operating system.
• Boot loader Level (Bootkit) Rootkits: Boot loader level (bootkit) rootkits
replace or modify the legitimate boot loader with another one, thus enabling the
bootkit to be activated even before the operating system is
started. Boot loader level (bootkit) rootkits are a serious threat to security because
they can be used to hack the encryption keys and passwords.

8. What is steganography?
• Steganography is the technique of hiding secret data within an ordinary,
non-secret file or message in order to avoid detection; the secret data is then extracted
at its destination. The use of steganography can be combined with encryption as
an extra step for hiding or protecting data. The word steganography is derived
from the Greek word steganos (meaning hidden or covered) and the Greek
root graph (meaning to write).

9. Classification of steganography

10. What is steganalysis?

• Steganalysis is the discovery of the existence of hidden information; therefore,
like cryptography and cryptanalysis, the goal of steganalysis is to discover hidden
information and to break the security of its carriers.