Questão 1
Questão
What is a Trojan?
Responda
-
a. Backdoor malware
-
b. Virus
-
c. Worm
Questão 2
Questão
What technique does Zberb use to remain invisible on a system?
Questão 3
Questão
How can malware infections be prevented?
Questão 4
Questão
How should you check your system for infection?
Responda
-
a. Using checksum method to check file integrity
-
b. Using malware scanners
-
c. Checking for suspicious looking files and network connections
Questão 5
Questão
What is the use of a DoS attack Trojan?
Questão 6
Questão
A tool to monitor file integrity is:
Responda
-
a. Tripwire
-
b. Netcat
-
c. HiJackThis
Questão 7
Questão
Which is a port monitoring tool?
Responda
-
a. Carberb
-
b. CM tool
-
c. Sigcheck
Questão 8
Questão
Which tool is used for sniffing a network?
Responda
-
a. Billy Bastard
-
b. Ophcrack
-
c. Cain and Abel
Questão 9
Questão
How is a salted password validated?
Responda
-
a. Retrieve the salt and hash from the database; Append the salt and the hash again with the same algorithm; Check for the resulting password hash, match or not
-
b. Check for the resulting password hash, match or not; Retrieve the salt and hash from the database; Append the salt and the hash again with the same algorithm
-
c. Append the salt and the hash again with the same algorithm; Check for the resulting password hash, match or not; Retrieve the salt and hash from the database
Questão 10
Questão
Which utility is used for a hash insertion attack?
Responda
-
a. Kerbcrack
-
b. NTPASSWD
-
c. iKey 2032
Questão 11
Questão
On which system do alternate data streams work?
Questão 12
Questão
What is steganography?
Questão 13
Questão
Steganography can be used as a substitute for which encryption values?
Responda
-
a. symmetric
-
b. asymmetric
-
c. one-way hash
Questão 14
Questão
Using alternate data streams negatively impacts the file.
Questão 15
Questão
What type of encryption does NTLM use?
Responda
-
a. Symmetric
-
b. Asymmetric
-
c. One-way hash
Questão 16
Questão
How can an MD5 hash be cracked?
Responda
-
a. Brute-force attack
-
b. Rainbow table attack
-
c. Dictionary attack
Questão 17
Questão
For what purpose is the pass-the-hash technique used?
Questão 18
Questão
How can password guessing be prevented?
Questão 19
Questão
Which of the following operating systems employs Kerberos authentication?
Responda
-
a. Windows 2000
-
b. Windows NT SP3
-
c. Windows 98
Questão 20
Questão
Which of the following is not true about Certification Authority?
Responda
-
a. It is a third party that issues digital certificates
-
b. It is a third party that encrypts information for people
-
c. CA validates the identity of the certificate holder
Questão 21
Questão
Which of the following are rootkit functionalities?
Responda
-
a. To hide OS processes
-
b. To elevate the privileges of processes
-
c. To hide files or registry entries
-
d. To delete or audit logs
-
e. All of the above
Questão 22
Questão
Which process stage does not verify or try to exploit the vulnerability, just lists and ranks the identified weaknesses?
Questão 23
Questão
How can rootkits be prevented?
Responda
-
a. By using updated antivirus
-
b. By using anti-rootkits
-
c. By reinstalling the operating system
Questão 24
Questão
Which is the strongest password among these?
Responda
-
a. Password
-
b. Airplane
-
c. P@5S\/\/OrD
Questão 25
Questão
What is the maximum length of a LanMan Hash?
Questão 26
Questão
Which is a non-technical type of social engineering attack?
Questão 27
Questão
What is the correct order of the challenge-response process of Windows authentication?
Responda
-
a. Response, login request, result, challenge
-
b. Challenge, login request, response, result
-
c. Login request, challenge, response, result
-
d. Result, challenge, login request, response
Questão 28
Questão
What is needed to successfully crack an FTP password?
Responda
-
a. A good word list
-
b. A Windows system
-
c. Syskey
Questão 29
Questão
What is a good password policy to implement in an organization?
Responda
-
a. Do not use old passwords
-
b. Change your passwords every 2 weeks
-
c. Do not use a dictionary word
-
d. All of these
Questão 30
Questão
In which file are Windows passwords stored?
Responda
-
a. Boot.ini file
-
b. SAM file
-
c. Hosts file
-
d. None of these
Questão 31
Questão
Which tool can be used to crack a Windows password protected with Syskey?
Responda
-
a. BKhive
-
b. Cain and Abel
-
c. LC4
Questão 32
Questão
Which is the best hardware to crack a password?
Questão 33
Questão
What type of password hash is this: 2ea886556a3a225a18bf4bcc425486db ?
Questão 34
Questão
Which of these is not a countermeasure against attacks?
Responda
-
a. Use self-encrypting drives
-
b. Disable the storage of the LM hash
-
c. Disable the LM authentication
-
d. None of these
Questão 35
Questão
Which tools can be used to sniff traffic on a network?
Responda
-
a. L0phtcrack
-
b. Cain and Abel
-
c. TSGrinder
Questão 36
Questão
How can LM hash storage be disabled?
Questão 37
Questão
What type of authentication protocols does Windows support?
Responda
-
a. LM
-
b. NTLM
-
c. NTLMv2
-
d. All of these
Questão 38
Questão
Which of the following are tools that can be used to extract hidden data using steganography?
Responda
-
a. Stegdetect
-
b. Cain and Abel
-
c. Stream Explorer
Questão 39
Questão
A hash injection attack is possible due to?
Responda
-
a. Network access
-
b. Physical access
-
c. Viruses and backdoors
Questão 40
Questão
Which utility is used for hash injection attacks?
Responda
-
a. Kerbcrack
-
b. NTPASSWD
-
c. iKey 2032
Questão 41
Questão
Which of the following .exe of a Trojan is executed on a victim machine?
Responda
-
a. Builder.exe
-
b. Server.exe
-
c. Client.exe
Questão 42
Questão
SigCheck is a download offered by Microsoft.
Questão 43
Questão
Elite wrapper is a tool to :
Questão 44
Questão
How is Fully Undetectable (FUD) malware created?
Responda
-
a. Using .exe wrappers
-
b. Using hex editors
-
c. Using steganography
Questão 45
Questão
What is a Trojan.FakeAV?
Responda
-
a. Malware behaving as an antivirus
-
b. Tool to detect malware
-
c. Tool to make FUD malware
Questão 46
Questão
Which is a ransomware?
Responda
-
a. Trojan
-
b. Virus
-
c. Worm
Questão 47
Questão
What is the effect of SMS Trojans?
Questão 48
Questão
What is email harvesting?
Questão 49
Questão
What is the full form of UDP?
Questão 50
Questão
Identify the spyware.
Questão 51
Questão
Pick the non-legitimate software.
Questão 52
Questão
How does a virus spread between computers?
Questão 53
Questão
Spyware are malicious programs that, after downloading themselves on a PC, begin to transmit some type of information through the Internet, except:
Questão 54
Questão
Which is not a method of spyware distribution?
Questão 55
Questão
What is the common IANA registered Port for Kerberos?
Responda
-
a. UDP Port 123
-
b. TCP Port 119
-
c. UDP Port 161
-
d. TCP Port 88
Questão 56
Questão
Which type of keylogger remains undetected by both antispyware and antivirus programs?
Responda
-
a. Hardware Keylogger
-
b. Software Keylogger
Questão 57
Questão
A program designed to trace every keystroke on the machine on which it is installed to steal the personal information of the user is called a:
Responda
-
a. Virus
-
b. Keylogger
-
c. Worm
-
d. Trojan
Questão 58
Questão
Spyware is a program that runs in stealth mode. What is this program otherwise called that gathers and records sensitive information available on your PC?
Responda
-
a. Virus
-
b. Spybot
-
c. Cookies
Questão 59
Questão
Pick the odd one out.
Questão 60
Questão
SetWindowsHookEx() is a Windows function used by:
Responda
-
a. Software keyloggers
-
b. Hardware keyloggers
Questão 61
Questão
The memory injection-based keyloggers can alter while patching the memory table of your PC and browser, and help the hackers gain control over your personal data. An example of Trojans that use memory injection-based keyloggers is:
Responda
-
a. Hyper-V
-
b. API
-
c. Zeus
-
d. Ultimate Keylogger
Questão 62
Questão
What is not true about Social Engineering?
Responda
-
a. It uses social tactics to gain information.
-
b. It uses high-end technologies.
-
c. Exploits the trust of the victims.
Questão 63
Questão
Select all the countermeasures that can keep you safe from spyware and keyloggers.
Responda
-
a. Expensive antivirus
-
b. Use of a firewall
-
c. KeyScrambler
-
d. Use of freeware
Questão 64
Questão
The majority of keyloggers are used by hackers to steal people’s confidential information, but there are few exceptions like Amac and:
Responda
-
a. Ultimate Keylogger
-
b. Hyper-V
-
c. SpyEye
Questão 65
Questão
Pick the non-legitimate software.
Questão 66
Questão
Which of these is the odd one out?
Questão 67
Questão
Spyware activity can cause the following except:
Questão 68
Questão
Antivirus and antispyware programs fail to detect kernel-based keyloggers because, they . (Select all that apply.)
Questão 69
Questão
Though hackers are always a step ahead, even sophisticated spyware programs cannot:
Questão 70
Questão
It is safe to install all search engine toolbars?
Questão 71
Questão
Identify the hardware keyloggers.
Responda
-
a. Form grabbing
-
b. Wireless keyloggers
-
c. API
-
d. Keyboard overlays
Questão 72
Questão
Which of the following, when installed on a PC, can include a kernel-based keylogger?
Responda
-
a. Trojans
-
b. Rootkits
-
c. Drive-by downloads
Questão 73
Questão
The following steps can help you stay protected, except :
Questão 74
Questão
Select all the programs that will protect your PC.
Responda
-
a. KeyScrambler
-
b. HiJackThis
-
c. Torrent
-
d. Comodo
Questão 75
Questão
Almost all programs contain spyware code.
Questão 76
Questão
Antivirus software is spyware.
Questão 77
Questão
There is a difference between legitimate tracking software and spyware.
Questão 78
Questão
When you visit some websites, you will get a popup asking you to install ActiveX or a similar plug-in. This is known as a drive-by download.
Questão 79
Questão
The keylogger works in combination with spyware and cannot be programmed to start and end when the user is prompted to enter a username and password in any browser window.
Questão 80
Questão
Antivirus and antispyware programs can detect the data stored in the hardware keyloggers?
Questão 81
Questão
Zeus can alter the memory table that is associated with your browser and control the logging functions.
Questão 82
Questão
Amac is a keylogger designed for the Windows operating system.
Questão 83
Questão
Keyloggers run at ring 0.
Questão 84
Questão
Built-in firewalls are easy to turn off.
Questão 85
Questão
What is a Netcat?
Responda
-
a. Network port scanner
-
b. Virus
-
c. Trojan
Questão 86
Questão
Which tool is used to replace the .exe icon?
Responda
-
a. Exe icon
-
b. Netcat
-
c. Sandbox
Questão 87
Questão
The pattern that can be used to identify a virus is known as:
Responda
-
a. Stealth
-
b. Virus signature
-
c. Armoured
Questão 88
Questão
Which one of the following is not an attack, but a search for vulnerabilities to attack?
Responda
-
a. Denial-of-service
-
b. Port scanning
-
c. Dumpster diving
Questão 89
Questão
Which one can’t spread viruses?
Questão 90
Questão
Programs that come into a computer system disguised as something else are called:
Responda
-
a. Spoofers
-
b. Loggers
-
c. Trojans
Questão 91
Responda
-
a. Network Mapper
-
b. NetBIOS Mapper
-
c. Network Map
Questão 92
Questão
Which is the best way to test or analyse malware?
Questão 93
Questão
Which is a function of Nmap?
Responda
-
a. Virus detection
-
b. Malware removal
-
c. Network scanning
Questão 94
Questão
What is the name of a hardware-based malware detection tool?
Responda
-
a. Adaptive DarkNet
-
b. Dr.Web
-
c. McAfee
Questão 95
Questão
How can malware infection be cured?
Questão 96
Questão
What is a Trojan-Game Thief?
Questão 97
Questão
Which step is essential for the organization to be compliant with certain ISOs or other certification bodies?
Questão 98
Questão
You may give someone your password if:
Responda
-
a. It is never OK to give out your password
-
b. Your boss asks you for your password
-
c. The Helpdesk asks you for your password
-
d. you send it by e‐mail and change it soon afterwards
Questão 99
Questão
Find the odd one out.
Responda
-
a. ECB
-
b. CBC
-
c. PKC
-
d. OFB
Questão 100
Questão
Pick the wrong statement(s) about Encryption.
Responda
-
a. It is an irreversible process.
-
b. It can be used to prove the identity of a person.
-
c. Non-repudiation is ensured.
-
d. It cannot ensure the integrity of data.