Set 09 Flashcards
(11 cards)
Q91: Code-based architecture emulation is easy to use, offers fine-grained introspection, and gives powerful control over the system state.
Compared to Type 1 and Type 2 hypervisors, what is the main drawback of the machine emulator?
A. Low transparency, unreliable support of architecture semantics.
B. Low transparency, Artifacts from paravirtualization
C. Less control over the system state.
D. Lack of fine-grained introspection, scalability and cost issues, slower to restore to clean state.
A. Low transparency, unreliable support of architecture semantics.
Q92: People who are recruited by criminals to perform money laundering operations are called?
A. Money Mules
B. Contractual Partners
C. Outsource Criminal
D. White-Hat Hacker
A. Money Mules
Q93: Malware analysis is an important step in understanding malicious behaviors and properly updating our attack prevention and detection systems.
Which of the following employs a wide range of evasion techniques?
A. Detecting the analysis environment.
B. Obfuscating malicious code
C. Trigger-conditions to execute
D. Option A, B, & C.
D. Option A, B, & C.
Q94: A method for discovering vulnerabilities, bugs and crashes in software by feeding randomized inputs to programs is called?
A. Concolic Execution
B. Fuzzing
C. Dynamic analysis
D. Static Analysis
B. Fuzzing
Q95: What is the main problem with the Domain Name System (DNS)?
A. Confidentiality
B. Authorization
C. Integrity
D. Authentication
D. Authentication
Q96: The security operations and incident management (SOIM) field contains many subjects. From a technical perspective, SOIM requires the capability to observe the activity of an information system or network by gathering traces that are representative of this activity.
Real-time trace analysis is required to detect what?
A. Malicious events
B. Internet worms, Browser Hijacker and Web Scripting Virus
C. Instant Messaging Worms, Overwrite Virus and File Infector
D. Computer worms and multipartite Virus
A. Malicious events
Q97: Which of the following provides a way to reference specific versions of products?
A. SRE
B. NIST
C. CVE
D. CTI
A. SRE
Q98: Static analysis involves examining the code (source, intermediate, or binary) to assess the behaviors of a program without actually executing it, and a wide range of malware analysis techniques fall into the category of static analysis.
What is/are the main limitation(s) of this technique?
A. The analysis output may not be consistent with the actual malware behaviors (at runtime)
B. It is not possible to precisely determine a program's behaviors statically (i.e. without the actual runtime input data)
C. The packed code cannot be statically analyzed as it is encrypted and compressed data until unpacked into executable code at run-time.
D. All of the above reasons are the main limitations of static analysis
D. All of the above reasons are the main limitations of static analysis
Q99: A technique used by cybercriminals where they use multiple servers associated with Command-and-Control infrastructure and rotate them quickly to make their infrastructure more resilient is called?
A. Rotate Flux
B. Fast Flux
C. Shut Down Flux
D. Domain Flux
C. Shut Down Flux
Q100: _____ targets a specific organization rather than aiming to launch large-scale attacks.
A. Spam and Phish emails
B. PowerShell to Inject Malware
C. Advanced Persistent Threats (APTs)
D. Distributed Denial-of-Service (DDoS) Attack
D. Distributed Denial-of-Service (DDoS) Attack
Q100B: What are Potentially Unwanted Programs (PUPs)?
A. A kind of malicious .exe file that is downloaded within a movie.
B. A third-party software that is harmful for Operating Systems
C. A plugin installed in a Web Browser
D. A piece of code that is part of a useful program downloaded by a user
B. A third-party software that is harmful for Operating Systems