Exam 220-1002 topic 1 question 43 discussion

The correct answer : B. Zombies F. Botnet

B and F

chatgpt says it can be Zombies, Botnet and Worms so this choices need to be trim down or change the question to choose (3) problem solves.

in the exam cram A+ pdf they listed the answers as Zombie and worms. I would have gone with zombie and botnet but the book states its Worms.

The windows PCs have prob become infected by a worm and have been compromised and turned into zombies (bots) The windows PCs are prob part of a botnet that includes other computers as well. The botnet is orchestrated by a master computer that initiates the DDoS attack. The infections that you as the technician will have to remove include the worm and the zombie program (script)

B & F Most bandwidth-directed DoS attacks are Distributed DoS (DDoS). This means that the attacks are launched from multiple compromised systems, referred to as a botnet. To establish a botnet, an attacker will first compromise one or two machines to use as "handlers" or "masters." The handlers are used to compromise multiple zombie devices with DoS tools (bots). In this way, the attacker can conceal his or her activities. This is also referred to as an asymmetric threat, because the attacker's resources can be far less than those of the victim.

I am confused. I thought the answer would've been zombie and botnet(I even asked my professor and he agreed with me) seeing as though a botnet is pretty much just a whole bunch of coordinated zombies. Either way this is a really off putting question because in all reality you can't be infected with zombie but you can be infected with a worm. I feel like this question could've been reworded and asked differently.

Comptia specifies Zombie and Botnet. I'm going with Comptia. B and F.

zombies and botnet aren't types of infections, right? They are an identity infected computers are ascribed

From Google. A “bot,” short for “robot,” is a type of software application or script that performs tasks on command, allowing an attacker to take complete control remotely of an affected computer. The compromised machine may also be referred to as a “zombie.” A collection of these infected computers is known as a “botnet.” B and F seems right

I completely disagree with these answers. Frankly, they're forcing you to make a lot of assumptions, but it could be EITHER a worm or a virus, either one could create Zombies, or form a Botnet by turning networked computers into Zombies, but Zombies and Botnet are two different things. Botnets are clusters of Zombies working in sync. Zombies are not necessarily working in sync, doing the same tasks simultaneously; a network of Zombies is not inherently a Botnet, unless they are performing the same task simultaneously. The actual answers, based on the content in the question (because the question doesn't detail attack vector traits) would be Zombies or Botnet. If they question had detailed HOW these computers had possibly been infected to perform these actions, the answers would be Virus and/or Worm. As it stands, either one could be the possible culprit, so the answers Virus and Worm, Virus and Botnet, Worm and Zombies, Worm and Botnet, Virus and Zombies, or Botnet and Zombies are all equally correct!

B and F are the same exact thing. A botnet is a collection of internet-connected devices, which may include personal computers (PCs), servers, mobile devices and internet of things (IoT) devices, that are infected and controlled by a common type of malware, often unbeknownst to their owner. A zombie virus gains access to a computer or smartphone system through the Internet and takes control of its resources. It uses the infected computer as its launch-pad – sending viruses, Trojan horses, or malicious data to other systems.

B and F are the same exact thing. A botnet is a collection of internet-connected devices, which may include personal computers (PCs), servers, mobile devices and internet of things (IoT) devices, that are infected and controlled by a common type of malware, often unbeknownst to their owner. Ransomware is malware that employs encryption to hold a victim's information at ransom. A user or organization's critical data is encrypted so that they cannot access files, databases, or applications. A ransom is then demanded to provide access.

I get that a machine that is part of a botnet is reffered to as a zombie, but a zombie isn't a type of infection, which is what the question asks. Botnet is obviously correct as that is what the infected machines are part of, but what was the original infection? a worm seems most likely out of the given options. There are multiple infected machines on the network that need to be cleaned, it's not unreasonable to think one machine was infected initially and the infection spread itself from their (worm behaviour).

I can create a bootnet and make a DDoS attack

Give me one good reason of why it is a worm over a botnet.