Module 4
python vol.py [plugin] -f [image] --profile=[profile name]
(Possible Test Question) Volatility command syntax
B. Worms
Are standalone malicious programs that replicate, execute, and spread across network connections independently, without human intervention. A. Virus B. Worms C. Crypter D. Downloader
C. Dropper
Attackers need to install the malware program or code on the system to make it run, and this program can do the installation task covertly. They can contain unidentifiable malware code undetected by antivirus scanners and are capable of downloading additional files needed to execute the malware on a target system. A. Crypter B. Downloader C. Dropper D. Exploit
A. jv16 Power Tools 2017
Is a PC system utility software that works by cleaning out unneeded files and data, cleaning the Windows registry, automatically fixing system errors, and applying optimization to your system. It allows you to scan and monitor the Registry. A. jv16 Power Tools 2017 B. Netwrix C. BootRacer D. Splunk E. Volatility
A. Malware
Is malicious software that damages or disables computer systems and gives limited or full control of the systems to the malware creator for the purpose of theft or fraud. A. Malware B. Trojan Horse C. Backdoor D. Rootkit
B. Trojan Horse
Is a program in which the malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and cause damage, such as ruining the file allocation table on your hard disk. A. Malware B. Trojan Horse C. Backdoor D. Rootkit
C. Backdoor
Is a program that can bypass the standard system authentication or conventional system mechanism like IDS and firewalls without being detected. A. Malware B. Trojan Horse C. Backdoor D. Rootkit
E. Volatility
Is a Python-based memory analysis tool that is capable of performing various forensic operations. It can be used by the incident handler to analyze the digital artifacts from memory dumps in order to identify any anomaly. A. jv16 Power Tools 2017 B. Netwrix C. BootRacer D. Splunk E. Volatility
A. Virus
Is a self-replicating program that produces its code by attaching copies of itself to other executable codes and operates without the knowledge or desire of the user. A. Virus B. Worms C. Crypter D. Downloader
SSDT
Is a table present in the Windows operating system kernel, which stores the entry level addresses.
RogueKiller
Is an anti-malware tool that is able to detect and remove generic malware and advanced threats like rootkits, rogues, and worms. It also detects controversial programs (PUPs) as well as possible bad system modifications/corruption.
D. Exploit
Part of the malware that contains code or a sequence of commands that can take advantage of a bug or vulnerability in a digital system or device. It is the code the attackers use to breach the system's security through software vulnerabilities to spy on information or to install malware. A. Crypter B. Downloader C. Dropper D. Exploit
C. Crypter
Refers to a software program that can conceal the existence of malware. Attackers use this software to elude antivirus detection. It protects malware from reverse engineering or analysis, making it hard for security mechanisms to detect. A. Virus B. Worms C. Crypter D. Downloader
D. Rootkit
These are software programs aimed at gaining access to a computer without detection. They are malware that helps attackers gain unauthorized access to a remote system and perform malicious activities. A. Malware B. Trojan Horse C. Backdoor D. Rootkit
D. Downloader
Type of Trojan that downloads other malware or malicious code and files from the internet onto the PC or device. Usually, attackers install them when they first gain access to a system. A. Virus B. Worms C. Crypter D. Downloader