Extra Questions for Test 1 Prep

Question 1

A bot is a computer compromised by malware and under the control of a bot master (attacker).

Answer 1

False

Question 2

The best defense against being an unwitting participant in a DDoS attack is to prevent your systems from being compromised.

Answer 2

True

Question 3

Botnet command-and-control must be centralized, i.e., all bots communicate with a central server(s).

Answer 3

True

Question 4

Both static and dynamic analyses are needed in order to fully understand malware behaviors.

Answer 4

True

Question 5

The domain name(s) of the command and control server(s) of a botnet are pre-determined for the lifetime of the botnet.

Answer 5

False

Question 6

Some APT attacks last for years before they are detected.

Answer 6

True

Question 7

If we find that a botnet server is located in country X, we can be certain that criminals within country X control the botnet.

Answer 7

False

Question 8

A Botnet can use _______ for command-and-control.A. Email B. HTTP C. IRC D. All the above

Answer 8

All the Above

Question 9

In a ______ attack the attacker creates a series of DNS requests containing the spoofed source address for the target system.A. SYN flood B. DNS amplification C. poison packet D. UDP flood

Answer 9

B. DNS amplification

Question 10

Characteristics of APT include ______.(Advanced Persistent Threats)A. Using zero-day exploit B. Low-and-slow C. Targeting high-value data D. All the above

Answer 10

D. All the above