Ch. 14 Flashcards
What type of malware analysis involves the execution of malware to examine its conduct and impact on system resources and network?
Dynamic analysis
What is a common technique used to distribute malware on the web with tactics such as keyword stuffing, doorway pages, page swapping, and adding unrelated keywords to get higher search-engine ranking for malware pages?
Blackhat SEO
What is a common technique used to distribute malware on the web by mimicking legitimate institutions in an attempt to steal passwords, credit cards, and bank account data?
Spear phishing sites
What is a static malware analysis technique that uses unique hash values to help investigators recognize files that are sensitive to tracking and identify similar programs from a database?
File fingerprinting
What is a common technique used to distribute malware on the web in which an attacker exploits flaws in browser software to install malware when a user merely visits a website?
Drive-by downloads
Which type of dynamic malware analysis involves monitoring processes, examining event logs, looking for connected ports, examining DNS entries, and other forms of monitoring?
Observing runtime behavior
What tool for Windows shows real-time file system, registry, and process/thread activity and combines the features of two Sysinternals utilities, Filemon and Regmon?
Process Monitor