Chap 9 Practice Ethical Hacker
Anti-malware software utilizes different methods to detect malware. One of these methods is scanning. What best describes scanning?
Scanning uses live system monitoring to detect malware immediately. The technique utilizes a database that needs to be updated regularly. Scanning is the quickest way to catch malware programs.
What type of malware shows the user signs of potential harm that could occur if the user doesn't take a certain action?
Scareware
Heather is performing a pen test of her client's malware protection. She developed a program that doesn't require any user interaction and wants to see how far it will spread through the network. What type of malware is she using?
Worm
Daphne suspects a Trojan horse is installed on her system. She wants to check all active network connections to see which programs are making connections and the FQDN of where the programs are connecting to. What command will allow her to do this?
netstat -f -b
The program shown is a crypter. What best defines what this program does?
Crypters encrypt, obfuscate, and manipulate malware to make it difficult to detect
A virus has replicated itself throughout infected systems and is executing its payload. Which phase of the virus life cycle is this?
Launch
What law is designed to regulate emails?
CAN-SPAM
Daphne has determined that she has malware on her Linux machine. She prefers to use only open-source software. What anti-malware software should she use?
ClamAV
What best describes an anti-virus sensor system?
Collection of software that detects and analyzes malware
Which part of a Trojan Horse packet installs code onto the target machine?
Dropper
What is the first thing you should do if malware is found on a system?
Isolate the system from the network immediately
What malware is triggered by events like programs being executed?
Logic Bomb
Analyzing emails, suspect files, and systems for malware is known as what?
Sheep Dipping
Heather wants to gain remote access to Randy's machine. She developed a program hidden inside a legit program that she is sure Randy will install on his machine. What type of malware is being used?
Trojan horse
Randy is analyzing a piece of malware discovered in a pen test. He has taken a snapshot of the test system and will run the malware. He will take a snapshot afterwards and monitor different components like ports, processes, event logs, and more for major changes. What process is he using?
Host Integrity Monitoring
Patrick is planning a pen test for a client. As part of the test, he will perform a phishing attack. He needs to create a virus to distribute through email and run a custom script that will let him track who has run the virus. What program will allow him to create the virus?
JPS
Part of a pen test is checking for malware vulnerabilities. During the process the tester will need to manually check many different areas of the system. After these checks have been completed, what is the next step?
Run anti-malware scans