9.1.12 Practice Questions Flashcards
An illustration of the SWAYZ CRYPTOR program.
The program shown is a crypter. Which of the following best defines what this program does?
answer
A crypter compresses the malware to reduce its size and help hide it from anti-malware software.
A crypter takes advantage of a bug or vulnerability to execute the malware’s payload.
A crypter can encrypt, obfuscate, and manipulate malware to make it difficult to detect.
A crypter is the main piece of the malware, the part of the program that performs the malware’s intended activity.
A crypter can encrypt, obfuscate, and manipulate malware to make it difficult to detect.
Which of the following laws is designed to regulate emails?
answer
CAN-SPAM Act
HIPAA
USA Patriot Act
CFAA
CAN-SPAM Act
An illustration of a block of code.
Which of the following virus types is shown in the code below?
answer
Metamorphic
Direct action
Cavity
Logic bomb
Logic bomb
A virus has replicated itself throughout the infected systems and is executing its payload. Which of the following phases of the virus lifecycle is the virus in?
answer
Launch
Replication
Design
Incorporation
Launch
Heather is performing a penetration test of her client’s malware protection. She has developed a malware program that doesn’t require any user interaction and wants to see how far it will spread through the network. Which of the following types of malware is she using?
answer
Virus
Worm
Spyware
Trojan horse
Worm
Which of the following parts of the Trojan horse packet installs the malicious code onto the target machine?
answer
Server
Dropper
Construction kit
Wrapper
Dropper
Heather wants to gain remote access to Randy’s machine. She has developed a program and hidden it inside a legitimate program that she is sure Randy will install on his machine. Which of the following types of malware is she using?
answer
Worm
Spyware
Trojan horse
Virus
Trojan horse
Which of the following malware types shows the user signs of potential harm that could occur if the user doesn’t take a certain action?
answer
Spyware
Scareware
Adware
Ransomware
Scareware
Patrick is planning a penetration test for a client. As part of this test, he will perform a phishing attack. He needs to create a virus to distribute through email and run a custom script that will let him track who has run the virus. Which of the following programs will allow him to create this virus?
answer
Webroot
JPS
ProRat
TCPView
JPS
Rudy is analyzing a piece of malware discovered in a pentest. He has taken a snapshot of the test system and will run the malware. He will take a snapshot afterwards and monitor different components such as ports, processes, event logs, and more for any changes. Which of the following processes is he using?
answer
Malware disassembly
Host integrity monitoring
Static analysis
Sheep dipping
Host integrity monitoring
Analyzing emails, suspect files, and systems for malware is known as which of the following?
answer
Integrity checking
Sheep dipping
Dynamic analysis
Static analysis
Sheep dipping
Which of the following best describes an anti-virus sensor system?
answer
Software that is used to protect a system from malware infections.
Analyzing the code of malware to understand its purpose without running it.
Analyzing malware by running and observing its behavior and effects.
A collection of software that detects and analyzes malware.
A collection of software that detects and analyzes malware.