631

Question 1

the steps in the malware removal process are as follows —

Answer 1

ID Malware
Quarantine
Disable system restore
Remediate infected system.
Update or install anti-malware software.
Scan and use removal techniques (safe mode, pre-installation environment). Schedule scans, and run updates.
Enable System Restore, create a restore point
Educate the end user.

Question 2

Antivirus software should be installed, but must also be kept —

Answer 2

up-to-date with virus definition files.

Question 3

Most antivirus applications protect against viruses, worms, and Trojan horses. Some antivirus applications also have integrated —

Answer 3

antimalware and antispyware software.

Question 4

You should only have one anti-virus application installed and —

Answer 4

running on your computer.

Question 5

Antimalware software should also be installed and kept up-to-date. Like antivirus applications, antimalware applications require periodic —

Answer 5

updates to the malware definition files.

Question 6

For antispyware software, follow the same guidelines as with antivirus and antimalware software. Unlike antivirus application, you can install multiple —

Answer 6

antispyware applications.

Question 7

Hyperlink spoofing, which is also referred to as Web spoofing, is used by an attacker to persuade the Internet browser to connect to a —

Answer 7

fake server that appears as a valid session.

Question 8

The primary purpose of hyperlink spoofing is to gain access to confidential information, such as —

Answer 8

PIN numbers, credit card numbers, and bank details of users.

Question 9

The link from hyperlink spoofing as it appears on this page is often correct. However, the actual underlying link is usually to the —

Answer 9

spoofed site.

Question 10

Hyperlink spoofing takes advantage of people using hyperlinks instead of DNS addresses. In most scenarios, the DNS addresses are not visible, and the user is redirected to another fake — .

Answer 10

Web site after clicking a hyperlink

Question 11

A land attack involves sending a spoofed TCP SYN packet with the target host’s IP address and an open —

Answer 11

port acting both as a source and a destination to the target host on an open port.

Question 12

The land attack causes the system to either freeze or crash because the machine —-

Answer 12

continuously replies to itself.

Question 13

ICMP packet spoofing is used by a smurf attack to conduct a

Answer 13

denial-of-service (DoS) attack.

Question 14

A smurf is a DoS attack that uses spoofed broadcast ping messages to

Answer 14

flood a target host.

Question 15

In such an attack, the attacker sends a large number of ICMP echo packets with a spoofed source IP address similar to that of the target host to IP broadcast addresses. This results in the target host being —

Answer 15

flooded with echo replies from the entire network. This also causes the system to either freeze or crash.

Question 16

Network address hijacking allows the attacker to reroute data traffic from a —

Answer 16

network device to a personal computer.

Question 17

Network address hijacking, which is also referred to as session hijacking, enables an attacker to —

Answer 17

capture and analyze the data addressed to a target system.

Question 18

The attacker can gain access to critical resources and user credentials, such as passwords, and unauthorized access to the —

Answer 18

critical systems of an organization.

Question 19

Session hijacking involves taking control of an existing connection after the —

Answer 19

user has successfully created an authenticated session.

Question 20

Automated System Recovery in not an option listed in the

Answer 20

Advanced Boot Options menu.

Question 21

The options for the advanced boot options menu are as follows: —

Answer 21

Safe Mode     
Safe Mode with Networking      
Safe Mode with Command Prompt      
Enable Boot Logging        
Enable low-resolution video 640x480     
Last Known Good Configuration       
Directory Services Restore Mode      
Debugging Mode      
Disable automatic restart on system failure      
Disable Drive Signature Enforcement

Question 22

____________________uses a minimal set of device drivers and services when Windows boots. All three variants of _________________ use vga.sys as the video device driver. —

Answer 22

Safe Mode

Question 23

uses a minimal set of device drivers and services when Windows boot, but includes device drivers to enable networking. —

Answer 23

Safe Mode with Networking

Question 24

is the same as Safe Mode, except it only boots to the command prompt. This mode does NOT provide a GUI interface. —

Answer 24

Safe Mode with Command Prompt -