2 Flashcards
What is a PUP?
- A type of computer program not explicitly classified as malware by AV software
- A type of software that may adversely affect the computer’s security and performance, compromise the user’s privacy, or display unsolicited ads
- An application downloaded and installed with the user’s consent (legal app)
Which type of malware resides only in RAM?
Fileless virus
What is the function of a C2 server?
Botnet control
A malware-infected network host under remote control of a hacker is commonly referred to as:
Bot
Which of the following applies to a collection of intermediary compromised systems that can be used as a platform for a DDoS attack?
Botnet
Which of the following is an example of cryptomalware?
Ransomware
Malicious code activated by a specific event is called:
Logic bomb
Malicious software collecting information about users without their knowledge/consent is known as:
Spyware
Which of the following is an example of spyware?
Keylogger
Which type of Trojan enables unauthorized remote access to a compromised system?
**RAT**
Remote access trojans (RATs) give the attacker access to a variety of information on the infected device, including text messages, emails, contact lists, GPS location, camera feeds, and more.
A collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network is known as:
**RootKit**
A rootkit is a malicious piece of software that’s designed to give admin control of the targeted system to an attacker while remaining hidden.
Which of the following refers to an undocumented (and often legitimate) way of gaining access to a program, online service, or an entire computer system?
**Backdoor**
Backdoor Trojans are malicious software programs designed to grant unwanted access for a remote attack. Remote attackers can send commands or leverage full control over a compromised computer.
A short list of commonly used passwords tried against a large number of user accounts is a characteristic feature of:
**Spraying attack**
A password spraying attack is a type of brute force attack where a hacker, much like the name implies, “sprays” an authentication server with combinations of usernames and common passwords. Attackers often run through lists of commonly used passwords available on the web.
Which password attack bypasses account-lockout policies?
**Spraying attack**
A password spraying attack is a type of brute force attack where a hacker, much like the name implies, “sprays” an authentication server with combinations of usernames and common passwords. Attackers often run through lists of commonly used passwords available on the web.
Which password attack takes advantage of a predefined list of words?
**Dictionary attack**
A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary as a password.
One of the measures for bypassing the failed logon attempt account lockout policy is to capture any relevant data that might contain the password and brute force it offline.
True
An attack against encrypted data that relies heavily on computing power to check all possible keys and passwords until the correct one is found is known as:
Brute-force attack
Rainbow tables are lookup tables used to speed up the process of password guessing
True
Which of the following refers to the contents of a rainbow table entry?
Hash/Password
In cryptography, the term “Plaintext” is used to describe data in an unencrypted form.
True
Due to added functionality in its plug, a malicious USB cable can be used for:
- GPS tracking
- Capturing keystrokes
- Sending and receiving commands
- Delivering and executing malware
**Any of the above**
Which of the following terms is used to describe the theft of personal data from a payment card?
Skimming
The practice of making an unauthorized copy of a payment card is referred to as:
Cloning
An AI feature that enables it to accomplish tasks based on training data without explicit human instructions is called:
**ML**
In security, machine learning continuously learns by analyzing data to find patterns so we can better detect malware in encrypted traffic, find insider threats, predict where “bad neighborhoods” are online to keep people safe when browsing, or protect data in the cloud by uncovering suspicious user behavior.
Which cryptographic attack relies on the concepts of probability theory?
**Birthday**
A method of cracking cryptographic algorithms through matches in hash functions. It is based on the birthday paradox, according to which the probability of two people sharing a birthday is far higher than it seems — for a group of 23 people, for example, the probability is 50%.