Ethical Hacking CH8
What command is used to listen to open ports with netstat? A. netstat -an B. netstat -ports C. netstat -n D. netstat -s
A. netstat -an
What is a covert channel? A. An obvious method of using a system B. A backdoor C. A Trojan on a system D. A defined process in a system
B. A backdoor
Which of the following is/are true of a worm? A. A worm is a one kind of Trojan. B. A worm replicates on its own. C. A worm replicates with user interaction. D. A worm is an item that runs silent
B. A worm replicates on its own.
Prevention of viruses and malware includes ________. A. Pop- up blockers B. Antivirus software C. Buffer overflows D. All of the above
B. Antivirus software
What is not a benefit of hardware keyloggers? A. Easy to hide B. Difficult to install C. Difficult to detect D. Difficult to log
B. Difficult to install
Which of the following is a characteristic of adware? A. Gathering information B. Displaying pop-ups C. Intimidating users D. Replicating
B. Displaying pop-ups
Multipartite viruses come in encrypted form. A. True B. False
B. False
Scareware is harmless. A. True B. False
B. False
Viruses do not require a host program. A. True B. False
B. False
Which utility will tell you in real time GUI, which ports are listening or established? A. Netstat B. TCPView C. Nmap D. Loki
B. TCPView
A logic bomb has how many parts, typically? A. One B. Two (trigger and payload) C. Three D. Four
B. Two (trigger and payload)
Which is/are a characteristic of a virus? A. A virus is not a malware. B. A virus replicates on its own. C. A virus replicates with user interaction. D. A virus is an item that runs silently
C. A virus replicates with user interaction.
A covert channel or backdoor may be detected using all of the following except _________ . A. Nmap B. Sniffers C. An SDK D. Netca
C. An SDK
A polymorphic virus __________ . A. Evades detection through backdoors B. Evades detection through heuristics C. Evades detection through rewriting itself D. Evades detection through luck
C. Evades detection through rewriting itself
A sparse infector virus ______________ . A. Creates backdoors B. Infects data and executables C. Infects files selectively D. Rewrites itself
C. Infects files selectively
Which statement(s) defines malware most accurately? A. Malware is a form of virus. B. Trojans are malware. C. Malware covers all malicious software. D. Malware only covers spyware.
C. Malware covers all malicious software.
________ is designed to intimidate users. A. Adware B. Viruses C. Scareware D. Worms
C. Scareware
A remote access Trojan (RAT) would be used to do all of the following except ___________ . A. Steal information B. Remotely control a system C. Sniff traffic D. Attack another system
C. Sniff traffic
A Trojan relies on _________ to be activated. A. Vulnerabilities B. Trickery and deception C. Social engineering (to entice the victim to open/activate/click) D. Port redirection
C. Social engineering (to entice the victim to open/activate/click)
Which is used to intercept user information? A. Adware B. Scareware C. Spyware D. A virus
C. Spyware
________ is known to disable protective mechanisms on a system, such as antivirus software, anti-spyware software, and firewalls, and to report on a user's activities. A. Adware B. Scareware C. Spyware D. A virus
C. Spyware
Trojans are designed to be small and stealthy to: A. Bypass covert channels B. Bypass firewalls C. Bypass permissions D. Bypass detection
D. Bypass detection
A virus does not do which of the following? A. Replicate with user interaction B. Change configuration settings C. Exploit vulnerabilities D. Display pop-ups
D. Display pop-ups
Which of the following is one of the goals of Trojans? A. Sending data B. Changing system settings C. Opening overt channels D. Giving remote access
D. Giving remote access
Which of the following is not a Trojan? A. BO2K B. LOKI C. Subseven D. TCPTROJAN
D. TCPTROJAN
An overt channel is ______________. A. An obvious method of using a system B. A backdoor B. defined backdoor process in a system D. A Trojan on a system
A. An obvious method of using a system
Which of the following can limit the effect of worms? A. Antivirus software, firewalls, patches B. Anti-spyware, firewalls, patches C. Anti-worm software, firewalls, patches D. Anti-malware software
A. Antivirus software, firewalls, patches
Covert channels work over ________. A. Known channels B. Wireless C. Networks D. Security controls
A. Known channels
Which of the following is capable of port redirection? A. Netstat B. TCPView C. Netcat D. Loki
A. Netstat
A Trojan can include which of the following? A. RAT (Remote access Trojan) B. TCP C. Nmap D. Loki
A. RAT (Remote access Trojan)
What are worms typically known for? A. Rapid replication B. Configuration changes C. Identity theft D. DDoS
A. Rapid replication
________ record(s) a user's typing. A. Spyware B. Viruses C. Adware D. Malware
A. Spyware
A logic bomb is activated by which of the following? A. Time and date B. Vulnerability C. Actions D. Events
A. Time and date C. Actions D. Events
Backdoors on a system can be used to bypass firewalls and other protective measures. A. True B. False
A. True
Trojans are a type of malware. A. True B. False
A. True
Trojans can be used to open backdoors on a system. A. True B. False
A. True
Worms are designed to replicate repeatedly. A. True B. False
A. True
________ attach(es) to files. A. Viruses B. Worms C. Adware D. Spyware
A. Viruses