6.7 Assume you have found a USB memory stick in your work parking area. What threatsmight this pose to your work computer should you just plug the memory stick in andexamine its contents? In particular, consider whether each of the malware propagationmechanisms we discuss could use such a memory stick for transport. What stepscould you take to mitigate these threats, and safely determine the contents of thememory stick?

6.8 Suppose you observe that your home PC is responding very slowly to informationrequestsfrom the net. And then you further observe that your network gatewayshows high levels of network activity, even though you have closed your e-mail client,Web browser, and other programs that access the net. What types of malware couldcause these symptoms? Discuss how the malware might have gained access to your system. What steps can you take to check whether this has occurred? If you do identifymalwareon your PC, how can you restore it to safe operation?

6.9 Suppose that while trying to access a collection of short videos on some Web site, yousee a pop-up window stating that you need to install this custom codec in order toview the videos. What threat might this pose to your computer system if you approvethis installation request?

6.10 Suppose you have a new smartphone and are excited about the range of apps availablefor it. You read about a really interesting new game that is available for your phone.You do a quick Web search for it, and see that a version is available from one of thefree marketplaces. When you download and start to install this app, you are askedto approve the access permissions granted to it. You see that it wants permission to“Send SMS messages” and to “Access your address-book”. Should you be suspiciousthat a game wants these types of permissions? What threat might the app pose to yoursmartphone, should you grant these permissions and proceed to install it? What typesof malware might it be?

6.11 Assume you receive an e-mail, which appears to come from a senior manager in yourcompany, with a subject indicating that it concerns a project that you are currentlyworking on. When you view the e-mail, you see that it asks you to review the attachedrevised press release, supplied as a PDF document, to check that all details are correctbefore management release it. When you attempt to open the PDF, the viewer pops upa dialog labeled “Launch File” indicating that “the file and its viewer application areset to be launched by this PDF file.” In the section of this dialog labeled “File,” thereare a number of blank lines, and finally the text “Click the ‘Open’ button to view thisdocument.” You also note that there is a vertical scroll-bar visible for this region.Whattype of threat might this pose to your computer system should you indeedselectthe“Open” button? How could you check your suspicions without threatening your system?What type of attack is this type of message associated with? How many peopleare likely to have received this particular e-mail?

6.12 Assume you receive an e-mail, which appears to come from your bank, includes yourbank logo in it, and with the following contents:“Dear Customer, Our records show that your Internet Banking access has beenblocked due to too many login attempts with invalid information such as incorrectaccess number, password, or security number. We urge you to restore your accountaccess immediately, and avoid permanent closure of your account, by clicking on thislink to restore your account. Thank you from your customer service team.”What form of attack is this e-mail attempting? What is the most likely mechanismused to distribute this e-mail? How should you respond to such e-mails?

6.13 Suppose you receive a letter from a finance company stating that your loan paymentsare in arrears, and that action is required to correct this. However, as far as you know,you have never applied for, or received, a loan from this company! What may haveoccurred that led to this loan being created? What type of malware, and on whichcomputer systems, might have provided the necessary information to an attacker thatenabled them to successfully obtain this loan?6.14 List the types of attacks on a personal computer that each of a (host-based) personalfirewall, and anti-virus software, can help you protect against. Which of these countermeasureswould help block the spread of macro viruses spread using email attachments?Which would block the use of backdoors on the system?