Ethical Hacking CH8

What command is used to listen to open ports with netstat? A. netstat -an B. netstat -ports C. netstat -n D. netstat -s

A. netstat -an

What is a covert channel? A. An obvious method of using a system B. A backdoor C. A Trojan on a system D. A defined process in a system

B. A backdoor

Which of the following is/are true of a worm? A. A worm is a one kind of Trojan. B. A worm replicates on its own. C. A worm replicates with user interaction. D. A worm is an item that runs silent

B. A worm replicates on its own.

Prevention of viruses and malware includes ________. A. Pop- up blockers B. Antivirus software C. Buffer overflows D. All of the above

B. Antivirus software

What is not a benefit of hardware keyloggers? A. Easy to hide B. Difficult to install C. Difficult to detect D. Difficult to log

B. Difficult to install

Which of the following is a characteristic of adware? A. Gathering information B. Displaying pop-ups C. Intimidating users D. Replicating

B. Displaying pop-ups

Multipartite viruses come in encrypted form. A. True B. False

B. False

Scareware is harmless. A. True B. False

B. False

Viruses do not require a host program. A. True B. False

B. False

Which utility will tell you in real time GUI, which ports are listening or established? A. Netstat B. TCPView C. Nmap D. Loki

B. TCPView

A logic bomb has how many parts, typically? A. One B. Two (trigger and payload) C. Three D. Four

B. Two (trigger and payload)

Which is/are a characteristic of a virus? A. A virus is not a malware. B. A virus replicates on its own. C. A virus replicates with user interaction. D. A virus is an item that runs silently

C. A virus replicates with user interaction.

A covert channel or backdoor may be detected using all of the following except _________ . A. Nmap B. Sniffers C. An SDK D. Netca

C. An SDK

A polymorphic virus __________ . A. Evades detection through backdoors B. Evades detection through heuristics C. Evades detection through rewriting itself D. Evades detection through luck

C. Evades detection through rewriting itself

A sparse infector virus ______________ . A. Creates backdoors B. Infects data and executables C. Infects files selectively D. Rewrites itself

C. Infects files selectively

Which statement(s) defines malware most accurately? A. Malware is a form of virus. B. Trojans are malware. C. Malware covers all malicious software. D. Malware only covers spyware.

C. Malware covers all malicious software.

________ is designed to intimidate users. A. Adware B. Viruses C. Scareware D. Worms

C. Scareware

A remote access Trojan (RAT) would be used to do all of the following except ___________ . A. Steal information B. Remotely control a system C. Sniff traffic D. Attack another system

C. Sniff traffic

A Trojan relies on _________ to be activated. A. Vulnerabilities B. Trickery and deception C. Social engineering (to entice the victim to open/activate/click) D. Port redirection

C. Social engineering (to entice the victim to open/activate/click)

Which is used to intercept user information? A. Adware B. Scareware C. Spyware D. A virus

C. Spyware

________ is known to disable protective mechanisms on a system, such as antivirus software, anti-spyware software, and firewalls, and to report on a user's activities. A. Adware B. Scareware C. Spyware D. A virus

C. Spyware

Trojans are designed to be small and stealthy to: A. Bypass covert channels B. Bypass firewalls C. Bypass permissions D. Bypass detection

D. Bypass detection

A virus does not do which of the following? A. Replicate with user interaction B. Change configuration settings C. Exploit vulnerabilities D. Display pop-ups

D. Display pop-ups

Which of the following is one of the goals of Trojans? A. Sending data B. Changing system settings C. Opening overt channels D. Giving remote access

D. Giving remote access

Which of the following is not a Trojan? A. BO2K B. LOKI C. Subseven D. TCPTROJAN

D. TCPTROJAN

An overt channel is ______________. A. An obvious method of using a system B. A backdoor B. defined backdoor process in a system D. A Trojan on a system

A. An obvious method of using a system

Which of the following can limit the effect of worms? A. Antivirus software, firewalls, patches B. Anti-spyware, firewalls, patches C. Anti-worm software, firewalls, patches D. Anti-malware software

A. Antivirus software, firewalls, patches

Covert channels work over ________. A. Known channels B. Wireless C. Networks D. Security controls

A. Known channels

Which of the following is capable of port redirection? A. Netstat B. TCPView C. Netcat D. Loki

A. Netstat

A Trojan can include which of the following? A. RAT (Remote access Trojan) B. TCP C. Nmap D. Loki

A. RAT (Remote access Trojan)

What are worms typically known for? A. Rapid replication B. Configuration changes C. Identity theft D. DDoS

A. Rapid replication

________ record(s) a user's typing. A. Spyware B. Viruses C. Adware D. Malware

A. Spyware

A logic bomb is activated by which of the following? A. Time and date B. Vulnerability C. Actions D. Events

A. Time and date C. Actions D. Events

Backdoors on a system can be used to bypass firewalls and other protective measures. A. True B. False

A. True

Trojans are a type of malware. A. True B. False

A. True

Trojans can be used to open backdoors on a system. A. True B. False

A. True

Worms are designed to replicate repeatedly. A. True B. False

A. True

________ attach(es) to files. A. Viruses B. Worms C. Adware D. Spyware

A. Viruses