CH 8 Quiz Malware itn 261
A Trojan can include which of the following? RAT TCP Nmap Loki
RAT
What is a covert channel? An obvious method of using a system A defined process in a system A backdoor A Trojan on a system
A backdoor
A covert channel or backdoor may be detected using all of the following except __________. Nmap Sniffers An SDK Netcat
An SDK
An overt channel is __________. An obvious method of using a system A defined backdoor process in a system A backdoor A Trojan on a system
An obvious method of using a system
This virus is designed to infect and place its own code into the MBR of a system Logic bomb Multipartite Boot Sector Metamorphic
Boot Sector
These viruses hide in a host file without changing the host file's appearance, so detection becomes difficult. Many viruses that do this also implement stealth techniques Macro Cluster Stealth Cavity
Cavity
What is not a benefit of hardware keyloggers? Easy to hide Difficult to install Difficult to detect Difficult to log
Difficult to install
A polymorphic virus __________. Evades detection through backdoors Evades detection through heuristics Evades detection through rewriting itself Evades detection through luck
Evades detection through rewriting itself
A sparse infector virus __________. Creates backdoors Infects data and executables Infects files selectively Rewrites itself
Infects files selectively
This virus is designed to cause damage only on a certain date Logic bomb Multipartite Sparse sector Metamorphic
Logic bomb
These viruses infect Microsoft applications. Macro Cluster Stealth Encryption
Macro
Which of the following is capable of port redirection? Netstat TCPView Netcat Loki
Netcat
These are designed to change their code and shape to avoid detection by virus scanners, which look for a specific virus code and not the new version. They often employ engines to alter or mutate their code. Logic bomb Multipartite Polymorphic Metamorphic
Polymorphic
This type of malware is designed to replicate and attach itself to other files resident on the system. Virus Worm Trojan Horse Rootkit
Virus
What command is used to listen to open ports with netstat? netstat -an netstat -ports netstat -n netstat -s
netstat -an
This malware functions typically by searching for valuable files or data and encrypting them Ransomware Scareware Encryptionware Adware
Ransomware
What are worms typically known for? Rapid replication Configuration changes Identity theft DDoS
Rapid replication
A remote access Trojan would be used to do all of the following except __________. Steal information Remotely control a system Sniff traffic Attack another system
Sniff traffic
A Trojan relies on __________ to be activated . Vulnerabilities Trickery and deception Social engineering Port redirection
Social engineering