1.

-
a.-Malicious software, or malware, is used by cybercriminals, hacktivists and nation states to
disrupt computer operations, steal personal or professional data, bypass access controls and
otherwise cause harm to the host system

b.-The viruses consist of harmful programs that are self-replicating and are designed to
infect legitimate software programs, instead, worms are a variation on a similar theme, the
primary difference being that the latter is able to operate as a stand-alone program and
transmit itself across a network directly.

c.-Trojan horse is a malicious program disguised to trick an unsuspecting user into

downloading and installing it.

e.-A rootkit is a form of software which enables other malicious processes or programs to
continue to benefit from privileged access to a computer by masking their existence from
normal detection methods.
The name comes because the attacker has system root access

f.- A bot is a form of malware generated to automatically perform specific operations, with
infected machines often being referred to as 'zombies'. Multiple bots communicating
together are termed a ‘botnet’ and can be used to help execute DoS (denial-of-service)
attacks against websites, host phishing attacks or send out thousands of spam email
messages.

2.-

Saves everything entered by keyboard

The malicious activity that can be done with this program is that you can know the user and
password entered in the computer.
If it can be used as a spyware.

3.-
a.- Your business model is that you install your software on your pc

b.- For home uses

c.-For business use

d.- It is good for basic use but not for business use, because a higher level of protection is needed

E.- the rogue antivirus is a type of malicious software whose main purpose is to make believe that a
computer is infected by some type of virus, inducing to pay a certain sum of money to eliminate it.
Do not install programs that do not know their origin or are from official sites.

F.- Panda, Kaspersky, Mcfree internet security

4.-

a.- The real-time protection is that the system monitors your computer at all times and warns you if
potential threats, such as viruses and spyware, are trying to install or run on your computer.

b.- It is to program the antimalware to analyze the system or a directory on a certain date.

c.-A zero-day attack is an attack against an application or system that targets the execution of
malicious code thanks to the knowledge of vulnerabilities that are generally unknown to the people
and the manufacturer of the product.

d.-The database that stores information about viruses is updated

e.- I block those malicious pages and you will not be allowed to enter them

f.- Sandbox is a security mechanism for separating running programs, usually in an effort to
mitigate system failures or software vulnerabilities from spreading.

g.- the quarantine is associated with an action developed by the antivirus programs to prevent the
files of a computer from being infected with that file that is infected with a virus.

5.-
a.-
b.-

c.-
d.-

6.-
a
b.- /etc/shadow
C.- las contraseñas estan codificadas
d.- sudo john - -single /etc/shadow sudo john - -show /etc/shadow
e.- Te muestra que ya ha sacado las contraseñas anteriormente.
f.- Ir probando combinaciones hasta dar con la contraseña.
g.- El tiempo para descifrar la contraseña aumenta exponencialmente
h.- sudo john - -single /etc/shadow → hace un escaneo rapido
sudo john - -show /etc/shadow → Muestra las contraseñas optenidas
sudo john /etc/shadow → Hace un escaneo completo

7.- Ophcrack crakea las contraseñas de windows utilizando las tablas arcoiris, las tablas arcoiris son
tablas de consulta que ofrecen un compromiso espacio-tiempo para obtener claves en texto simple a
partir del resultado de una función de hash.
8.-

9.-
a.-Cuanto más larga sea la contraseña más dificil será conseguirla por fuerza bruta pues tiene que
hacer más combinaciones de caracteres.

b.-

c.- Los criterios a seguir son que las contraseñas tengan mayusculas, minusculas, números y
simbolos.

d.-

10.- StickyKeys está diseñado para personas con dificultades en mantener oprimidas dos o más
teclas simultáneamente y cuando pulsan varias veces shift pueden abrir un cmd como administrador
y esto es una vulnerabilidad pues los hacker pueden utilizarlo para su propio fin.
11.-

12.-

a.- nmap -sP 192.168.0.0/24

sudo nmam -O 192.168.0.25

sudo nmam -O 192.168.0.100 ó sudo nmap -sV 192.168.0.100

c.- Pruebas de la red.

d.-Obtener información de un equipo sin su permiso y utilizarla para hacer un ataque.

e.- Nmap obtiene la información de los puertos abiertos de una maquina y netstat obtiene la
información directamente del SO.

13.- criptada e importante

14.-

a.- se encuentra en el núcleo de Windows, puede ser usada para escapar de la seguridad definida por
el sistema

b.- La seguridad

c.-Seria

d.- Actualizar

15.-
Consiste en poner la tarjeta de red en modo promiscuo, para que asi pueda interceptar todos los
paquetes de la red.
La topologia de red debe ser ethernet.
Esta herramienta se puede utilizar para acceder a los datos privados cuando la información de algún
sitio web o un programa no se envía codificada entonces con wireshark se pueden leer claramente.

16.- Pharming es la explotación de una vulnerabilidad en el software de los servidores DNS.

Permite a un atacante redirigir un nombre de dominio a otra máquina distinta.

17.-

- -flood → Manda paquetes los mas rápido que puede

- -rand-source → envía paquetes con dirección origen diferente en cada envio.

18.-

a.-Social engineering: Social engineering refers to the psychological manipulation of people so that
they perform certain actions or divulge confidential information.

b.- Pharming is the exploitation of a vulnerability in the software of the DNS servers.

c.- Spam: unwanted email.

d.- Scam: it is a dishonest way to get money cheating people.

e.- Hoax: it is an email that warns of a non-existent logical threat. Usually they are usually benign.

f.-Whaling: is a type of fraud whose goal is high profile users as managerial positions of a company,
politicians or celebrities. Its objective is to deceive this type of users so that they reveal personal or
corporate information.

19.-
 a) Hacker: is a computer expert with high skills capable of accessing a computer system using
bugs in the programs. They carry out this activity to obtain an economic benefit, to cause
some damage or simply because of the challenge to their abilities.
b) Cracker: cracker is a type of hacker who accesses an information system to steal or delete
your information or to disable it.
c) Phreaker: person who unlawfully accesses a telecommunications system.
d) Sniffer: program or a device to monitor the information that travels through a network.
e) Newbie: refers to a user within a server, commonly used to a beginner
f) Lamer: person who impersonates hackers without being.
g) Cyberterrorist: is the use of the Internet to conduct violent acts that result in, or threaten,
loss of life or significant bodily harm, in order to achieve political gains through
intimidation.
h) Virus programmer: person making viruses
i) Carder: They are people who sell, buy and trade with stolen data from credit cards.
j) Script kiddies: it is an unskilled individual who uses scripts or programs developed by
others to attack computer systems and networks.
k) Black-hat hacker: Hacker who violates computer security for any reason other than evil or
personal gain.
l) White-hat hacker: hacker employing ethical hacking techniques
m) Internet troll: It is a person who sows the disencounter on the Internet by means of the
publication of provocative messages, irrelevant or off topic in a community in line with the
main intention to disturb or provoke a negative emotional response in the Users and
Readers
n) Hacktivism: is the use of computers and computer networks to promote a political campaign
or a social change

20.- Yes, you can consider a special type of phishing.