14 Flashcards
What is the main difference between static and dynamic analysis?
Static analysis examines code without executing it, while dynamic analysis involves running the code to observe its behavior.
True or False: Static analysis is generally faster than dynamic analysis.
True
Which type of analysis is more effective at detecting fileless malware?
Dynamic analysis
What is fileless malware?
Fileless malware operates in memory without leaving a footprint on the system’s disk.
Fill in the blank: Fileless malware does not rely on __________ to carry out malicious activities.
files
What is a common delivery method for fileless malware?
Malicious scripts or macros in documents or emails
What is the advantage of static analysis over dynamic analysis?
Static analysis can detect vulnerabilities early in the development process.
What is the advantage of dynamic analysis over static analysis?
Dynamic analysis can uncover behavior that may not be apparent from static analysis.
What are some challenges of detecting fileless malware?
Fileless malware can evade traditional antivirus software and leave little to no trace on the system.
What is an example of a fileless malware attack technique?
PowerShell-based attacks
Which type of analysis is better suited for detecting PowerShell-based fileless malware attacks?
Dynamic analysis
What is the primary goal of fileless malware attackers?
To remain undetected and carry out malicious activities without leaving traditional traces.
What are some mitigation strategies against fileless malware attacks?
Implementing application whitelisting, monitoring system behavior, and restricting administrative privileges.
What is the role of endpoint detection and response (EDR) solutions in combating fileless malware?
EDR solutions can detect and respond to fileless malware threats in real time.
What is the importance of continuous monitoring in detecting fileless malware?
Continuous monitoring can help identify unusual behavior indicative of fileless malware attacks.