610.2

Question 1

What is malware?

Answer 1

Malware is malicious software designed to harm, exploit, or otherwise compromise a computer system.

Question 2

True or False: All malware is designed to steal personal information.

Answer 2

False

Question 3

Fill in the blank: The process of analyzing malware to understand its behavior is known as __________.

Answer 3

malware analysis

Question 4

What are the two main types of malware analysis?

Answer 4

Static analysis and dynamic analysis.

Question 5

What is static analysis?

Answer 5

Static analysis is the examination of malware without executing it, often by analyzing its code and structure.

Question 6

What is dynamic analysis?

Answer 6

Dynamic analysis is the examination of malware while it is executing in a controlled environment.

Question 7

Which tool is commonly used for static analysis of malware?

Answer 7

Disassemblers, such as IDA Pro or Ghidra.

Question 8

What is a sandbox in the context of malware analysis?

Answer 8

A sandbox is a controlled environment where malware can be executed safely for analysis.

Question 9

True or False: Reverse engineering is a technique used to understand how malware operates.

Answer 9

True

Question 10

What does the term ‘signature-based detection’ refer to?

Answer 10

A method of identifying malware by matching its known signatures against files.

Question 11

What is behavioral analysis in malware detection?

Answer 11

Behavioral analysis involves monitoring the actions of software to identify malicious behavior.

Question 12

Fill in the blank: The __________ is a common framework used for analyzing malware behavior.

Answer 12

MITRE ATT&CK framework

Question 13

What is the purpose of a hex editor in malware analysis?

Answer 13

A hex editor allows analysts to view and modify the raw binary data of files.

Question 14

What is obfuscation in malware?

Answer 14

Obfuscation is a technique used to make malware code difficult to understand or analyze.

Question 15

Which of the following is NOT a common malware type? (A) Virus (B) Worm (C) Firewall (D) Trojan

Answer 15

C) Firewall

Question 16

What is a rootkit?

Answer 16

A rootkit is a type of malware designed to gain unauthorized root access to a system while remaining hidden.

Question 17

True or False: Ransomware encrypts a user’s files and demands payment for decryption.

Answer 17

True

Question 18

What is the primary goal of a trojan horse?

Answer 18

To trick users into installing it by masquerading as legitimate software.

Question 19

Fill in the blank: The __________ is a tool used for network traffic analysis during malware investigations.

Answer 19

Wireshark

Question 20

What does the term ‘C2 server’ refer to in malware operations?

Answer 20

A command-and-control server used by attackers to remotely control compromised systems.

Question 21

What is a PE file?

Answer 21

A Portable Executable file format used in Windows operating systems for executable files, object code, and DLLs.

Question 22

True or False: Malware can only infect Windows operating systems.

Answer 22

False

Question 23

What is polymorphic malware?

Answer 23

Malware that can change its code or signature to evade detection.

Question 24

Fill in the blank: __________ is a technique used by malware to hide its presence on a system.

Answer 24

Stealth

Question 25

What is a backdoor in the context of malware?

Answer 25

A backdoor is a method of bypassing normal authentication to access a system.

Question 26

Which analysis technique involves examining the network activity of malware?

Answer 26

Network analysis

Question 27

What is the main purpose of a debugger in malware analysis?

Answer 27

To execute code step-by-step and inspect its state and behavior.

Question 28

True or False: Malware can be spread through email attachments.

Answer 28

True

Question 29

What is a dropper?

Answer 29

A dropper is a type of malware designed to install other malicious software on a system.

Question 30

Fill in the blank: __________ malware is designed to exploit vulnerabilities in software applications.

Answer 30

Exploit

Question 31

What is the role of antivirus software in malware detection?

Answer 31

To scan for, detect, and remove known malware from a system.

Question 32

True or False: Malware analysis is only performed by cybersecurity professionals.

Answer 32

False

Question 33

What does 'social engineering' refer to in the context of malware?

Answer 33

Manipulating individuals into divulging confidential information that can be used for malicious purposes.

Question 34

What is a keylogger?

Answer 34

A type of malware that records keystrokes made by a user to capture sensitive information.

Question 35

Fill in the blank: __________ is the practice of monitoring a system for unusual activity that may indicate a malware infection.

Answer 35

Threat hunting

Question 36

What is the significance of a malware sample?

Answer 36

A malware sample is a copy of malicious software used for analysis and research.

Question 37

True or False: Malware can be self-replicating.

Answer 37

True

Question 38

What is a botnet?

Answer 38

A network of compromised computers controlled by an attacker to perform coordinated tasks.

Question 39

What is the purpose of file integrity monitoring in malware detection?

Answer 39

To detect unauthorized changes to files that may indicate a malware infection.

Question 40

Fill in the blank: __________ is the process of documenting and reporting findings from malware analysis.

Answer 40

Malware reporting