8.4.12 - Cover Your Tracks (Practice Questions)
Steganography
The method of embedding data into legitimate files like graphics to hide it and then extracting the data once it reaches its destination is called:
Searches for execution path hooking, which allows a function value in an accessible environment to be changed.
Which of the following best describes the heuristic or behavior-based detection method?
Sirefef
Which of the following is also known as ZeroAccess and has virus, Trojan horse, and rootkit components?
Steganography
Cameron wants to send secret messages to his friend Brandon, who works at a competitor's company. To secure these messages, he uses a technique to hide a secret message within a video. Which of the following technique is he using?
Touch
James, a hacker, has hacked into a Unix system and wants to change the timestamps on some files to hide his tracks. Which of the following timestamp tools would he most likely use?
Integrity-based
Jerry runs a tool to scan a clean system to create a database. The tool then scans the system again and compares the second scan to the clean database. Which of the following detection methods is Jerry using?
Malicious alternate data streams.
Mark is moving files from a device that is formatted using NTFS to a device that is formatted using FAT. Which of the following is he trying to get rid of?
auditpol
Phil, a hacker, has found his way into a secure system. He is looking for a Windows utility he can use to retrieve, set, back up, and restore logging policies. Which of the following utilities should he consider?
A tool that can remove files and clear internet browsing history. It also frees up hard disk space. It clears the temporary files, history, and cookies from each of the six major search engines.
Which of the following best describes CCleaner?
Can modify the operating system and the utilities of the target system.
Which of the following best describes a rootkit?
Hiding evidence
Which of the following could a hacker use Alternate Data Streams (ADS) for?
A black hat hacker
Who would be most likely to erase only parts of the system logs file?
System log files
You believe your system has been hacked. Which of the following is the first thing you should check?
