Malware is malicious software designed to damage a computing system, steal sensitive data, or take control of computing resources without authorization. In AP CSP, it falls under Topic 5.6 (Safe Computing) and connects to unauthorized access methods like keylogging and phishing.
Malware is the umbrella term for any software written with bad intent. That includes programs that disrupt how a computer works, steal personally identifiable information (PII), spy on what you type, or hand control of your device to someone else. The name literally combines "malicious" and "software," and that's the whole idea. It's code that works against the user instead of for them.
In the AP CSP framework, malware sits inside Topic 5.6 (Safe Computing) as one of the ways computing resources get misused. The CED cares less about the technical guts of malware and more about the cause-and-effect chain. How does malware get onto a system (often through phishing emails or untrustworthy downloads)? What can it do once it's there (keylogging, stealing PII, granting unauthorized access)? And what protections fight back (authentication, multifactor authentication, antivirus software, and being careful what you click)?
Malware lives in Unit 5: Impact of Computing, specifically Topic 5.6 Safe Computing, and supports learning objectives 5.6.B (explain how computing resources can be protected and misused) and 5.6.C (explain how unauthorized access is gained). It also connects to 5.6.A, because the payoff of most malware is stolen PII like financial info, passwords, or biometric data. Unit 5 is the "so what?" unit of AP CSP. The exam wants you to reason about benefits and harms of computing, and malware is the textbook harm. If you can explain how a keylogger captures a password, how phishing tricks someone into installing malicious software, and how multifactor authentication blunts the damage, you've covered the full attack-and-defense story the CED is built around.
Keep studying AP Computer Science Principles Unit RHQfKp2hEgUxtUw1
Phishing (Unit 5)
Phishing is often the delivery truck for malware. A fake email tricks you into clicking a link or opening an attachment, and that's how the malicious software gets onto your machine in the first place. On the exam, phishing scenarios and malware scenarios frequently appear in the same question.
Keylogging (Unit 5)
A keylogger is a specific kind of malware that records every keystroke you make, which is how attackers harvest passwords and other confidential information. If a question describes software secretly logging what a user types, the answer involves keylogging malware.
Encryption (Unit 5)
Encryption is one of the main defenses in the safe computing toolkit. Even if malware or a rogue access point intercepts your data, properly encrypted data is unreadable without the key. The CED pairs every attack method with a protection, and encryption is a big one.
Virus (Unit 5)
A virus is a type of malware, not a synonym for it. What makes a virus distinctive is that it attaches to legitimate programs or files and spreads when those are shared or run. All viruses are malware, but plenty of malware (like a standalone keylogger) isn't a virus.
Malware shows up in multiple-choice questions on the end-of-course exam, almost always as a scenario you have to classify or fix. A typical stem describes a behavior, like a fake bank email leading to a counterfeit login page, or a program secretly recording keystrokes, and asks you to name the attack (phishing, keylogging, malware) and pick the right protection (multifactor authentication, strong passwords, antivirus software, avoiding suspicious downloads). Practice questions in this area also test the privacy angle, like recognizing that data collected by malware counts as PII and creates real harm for the user. There's no FRQ on the current AP CSP exam, and the Create performance task won't ask about malware directly, so MCQs are where this term earns its points. Your job is to match the scenario to the vocabulary and to pair every attack with a defense.
Malware is the broad category and virus is one species inside it. Malware means any software designed to harm a system or steal data, including keyloggers, spyware, and ransomware. A virus specifically replicates by attaching itself to other programs or files and spreading when they're shared. On an MCQ, if the scenario emphasizes self-replication and spreading, think virus. If it just describes malicious behavior in general, malware is the safer answer.
Malware is any software intentionally designed to damage a computing system or take control of it without authorization, and it falls under Topic 5.6 Safe Computing in Unit 5.
A virus is one specific type of malware that spreads by attaching itself to other programs; the terms are not interchangeable.
Malware often arrives through phishing emails or untrustworthy downloads, which is why those attack methods are tested together.
Keylogging malware records every keystroke a user makes to steal passwords and other confidential information.
Protections against malware include strong passwords, multifactor authentication, antivirus software, and avoiding suspicious links and downloads.
The exam tests malware through scenario-based multiple-choice questions where you identify the attack and choose the matching protection.
Malware is malicious software designed to harm computers, steal sensitive information, or gain unauthorized access to computing resources. It's part of Topic 5.6 (Safe Computing) in Unit 5 and supports learning objectives 5.6.B and 5.6.C about how computing resources are misused.
No. A virus is one type of malware that spreads by attaching itself to legitimate programs or files. Malware is the umbrella term that also covers keyloggers, spyware, and other malicious software that doesn't self-replicate.
Not exactly. Phishing is a social engineering trick (a fake email or website that fools you into giving up personal information), while malware is actual malicious software. They're connected because phishing is a common way attackers get malware installed on a victim's device.
The CED's go-to protections are strong passwords, multifactor authentication, antivirus or anti-malware software, keeping systems updated, and avoiding suspicious links, attachments, and downloads. Exam questions usually ask you to match one of these defenses to a described attack.
Yes. It's tested in the multiple-choice section through Topic 5.6 scenarios, like identifying a keylogger stealing passwords or recognizing that a fake bank login page is a phishing attack that can deliver malware. Big Idea 5 (Impact of Computing) makes up a meaningful chunk of the exam, so safe computing vocabulary is worth knowing cold.