Question 1
Question
What is a Trojan?
Answer
- a. Backdoor malware
- b. Virus
- c. Worm
Question 2
Question
What technique does Zberp use to remain invisible on a system?
Question 3
Question
How can malware infections be prevented?
Question 4
Question
How should you check your system for infection?
Answer
- a. Using checksum method to check file integrity
- b. Using malware scanners
- c. Checking for suspicious looking files and network connections
Question 5
Question
What is the use of a DoS attack Trojan?
Question 6
Question
A tool to monitor file integrity is:
Answer
- a. Tripwire
- b. Netcat
- c. HiJackThis
Question 7
Question
Which is a port monitoring tool?
Answer
- a. Carberp
- b. CM tool
- c. Sigcheck
Question 8
Question
Which tool is used for sniffing a network?
Answer
- a. Billy Bastard
- b. Ophcrack
- c. Cain and Abel
Question 9
Question
How is a salted password validated?
Answer
- a. Retrieve the salt and hash from the database; Append the salt and the hash again with the same algorithm; Check for the resulting password hash, match or not
- b. Check for the resulting password hash, match or not; Retrieve the salt and hash from the database; Append the salt and the hash again with the same algorithm
- c. Append the salt and the hash again with the same algorithm; Check for the resulting password hash, match or not; Retrieve the salt and hash from the database
Question 10
Question
Which utility is used for a hash insertion attack?
Answer
- a. Kerbcrack
- b. NTPASSWD
- c. iKey 2032
Question 11
Question
On which system do alternate data streams work?
Question 12
Question
What is steganography?
Question 13
Question
Steganography can be used as a substitute for which encryption values?
Answer
- a. symmetric
- b. asymmetric
- c. one-way hash
Question 14
Question
Using alternate data streams negatively impacts the file.
Question 15
Question
What type of encryption does NTLM use?
Answer
- a. Symmetric
- b. Asymmetric
- c. One-way hash
Question 16
Question
How can an MD5 hash be cracked?
Answer
- a. Brute-force attack
- b. Rainbow table attack
- c. Dictionary attack
Question 17
Question
For what purpose is the pass-the-hash technique used?
Question 18
Question
How can password guessing be prevented?
Question 19
Question
Which of the following operating systems employs Kerberos authentication?
Answer
- a. Windows 2000
- b. Windows NT SP3
- c. Windows 98
Question 20
Question
Which of the following is not true about a Certification Authority?
Answer
- a. It is a third party that issues digital certificates
- b. It is a third party that encrypts information for people
- c. CA validates the identity of the certificate holder
Question 21
Question
Which of the following are rootkit functionalities?
Answer
- a. To hide OS processes
- b. To elevate the privileges of processes
- c. To hide files or registry entries
- d. To delete or audit logs
- e. All of the above
Question 22
Question
Which process stage does not verify or try to exploit the vulnerability, just lists and ranks the identified weaknesses?
Question 23
Question
How can rootkits be prevented?
Answer
- a. By using updated antivirus
- b. By using anti-rootkits
- c. By reinstalling the operating system
Question 24
Question
Which is the strongest password among these?
Answer
- a. Password
- b. Airplane
- c. P@5S\/\/OrD
Question 25
Question
What is the maximum length of a LanMan Hash?
Question 26
Question
Which is a non-technical type of social engineering attack?
Question 27
Question
What is the correct order of the challenge-response process of Windows authentication?
Answer
- a. Response, login request, result, challenge
- b. Challenge, login request, response, result
- c. Login request, challenge, response, result
- d. Result, challenge, login request, response
Question 28
Question
What is needed to successfully crack an FTP password?
Answer
- a. A good word list
- b. A Windows system
- c. Syskey
Question 29
Question
What is a good password policy to implement in an organization?
Answer
- a. Do not use old passwords
- b. Change your passwords every 2 weeks
- c. Do not use a dictionary word
- d. All of these
Question 30
Question
In which file are Windows passwords stored?
Answer
- a. Boot.ini file
- b. SAM file
- c. Hosts file
- d. None of these
Question 31
Question
Which tool can be used to crack a Windows password protected with Syskey?
Answer
- a. BKhive
- b. Cain and Abel
- c. LC4
Question 32
Question
Which is the best hardware to crack a password?
Question 33
Question
What type of password hash is this: 2ea886556a3a225a18bf4bcc425486db?
Question 34
Question
Which of these is not a countermeasure against attacks?
Answer
- a. Use self-encrypting drives
- b. Disable the storage of the LM hash
- c. Disable the LM authentication
- d. None of these
Question 35
Question
Which tools can be used to sniff traffic on a network?
Answer
- a. L0phtcrack
- b. Cain and Abel
- c. TSGrinder
Question 36
Question
How can LM hash storage be disabled?
Question 37
Question
What type of authentication protocols does Windows support?
Answer
- a. LM
- b. NTLM
- c. NTLMv2
- d. All of these
Question 38
Question
Which of the following tools can be used to extract data hidden using steganography?
Answer
- a. Stegdetect
- b. Cain and Abel
- c. Stream Explorer
Question 39
Question
A hash injection attack is possible due to:
Answer
- a. Network access
- b. Physical access
- c. Viruses and backdoors
Question 40
Question
Which utility is used for hash injection attacks?
Answer
- a. Kerbcrack
- b. NTPASSWD
- c. iKey 2032
Question 41
Question
Which of the following Trojan .exe files is executed on a victim machine?
Answer
- a. Builder.exe
- b. Server.exe
- c. Client.exe
Question 42
Question
SigCheck is a download offered by Microsoft.
Question 43
Question
Elite wrapper is a tool to:
Question 44
Question
How is Fully Undetectable (FUD) malware created?
Answer
- a. Using .exe wrappers
- b. Using hex editors
- c. Using steganography
Question 45
Question
What is a Trojan.FakeAV?
Answer
- a. Malware behaving as an antivirus
- b. Tool to detect malware
- c. Tool to make FUD malware
Question 46
Question
Which is a ransomware?
Answer
- a. Trojan
- b. Virus
- c. Worm
Question 47
Question
What is the effect of SMS Trojans?
Question 48
Question
What is email harvesting?
Question 49
Question
What is the full form of UDP?
Question 50
Question
Identify the spyware.
Question 51
Question
Pick the non-legitimate software.
Question 52
Question
How does a virus spread between computers?
Question 53
Question
Spyware is malicious software that, after downloading itself onto a PC, begins to transmit some types of information through the Internet, except:
Question 54
Question
Which is not a method of spyware distribution?
Question 55
Question
What is the common IANA registered Port for Kerberos?
Answer
- a. UDP Port 123
- b. TCP Port 119
- c. UDP Port 161
- d. TCP Port 88
Question 56
Question
Which type of keylogger remains undetected by both antispyware and antivirus programs?
Answer
- a. Hardware Keylogger
- b. Software Keylogger
Question 57
Question
A program designed to trace every keystroke on the machine on which it is installed to steal the personal information of the user is called a:
Answer
- a. Virus
- b. Keylogger
- c. Worm
- d. Trojan
Question 58
Question
Spyware is a program that runs in stealth mode. What is another name for this program, which gathers and records sensitive information available on your PC?
Answer
- a. Virus
- b. Spybot
- c. Cookies
Question 59
Question
Pick the odd one out.
Question 60
Question
SetWindowsHookEx() is a Windows function used by:
Answer
- a. Software keyloggers
- b. Hardware keyloggers
Question 61
Question
Memory injection-based keyloggers patch and alter the memory tables of your PC and browser, helping hackers gain control over your personal data. An example of a Trojan that uses a memory injection-based keylogger is:
Answer
- a. Hyper-V
- b. API
- c. Zeus
- d. Ultimate Keylogger
Question 62
Question
What is not true about Social Engineering?
Answer
- a. It uses social tactics to gain information.
- b. It uses high-end technologies.
- c. Exploits the trust of the victims.
Question 63
Question
Select all the countermeasures that can keep you safe from spyware and keyloggers.
Answer
- a. Expensive antivirus
- b. Use of a firewall
- c. KeyScrambler
- d. Use of freeware
Question 64
Question
The majority of keyloggers are used by hackers to steal people’s confidential information, but there are a few exceptions, such as Amac and:
Answer
- a. Ultimate Keylogger
- b. Hyper-V
- c. SpyEye
Question 65
Question
Pick the non-legitimate software.
Question 66
Question
Which of these is the odd one out?
Question 67
Question
Spyware activity can cause the following except:
Question 68
Question
Antivirus and antispyware programs fail to detect kernel-based keyloggers because they: (Select all that apply.)
Question 69
Question
Though hackers are always a step ahead, even sophisticated spyware programs cannot:
Question 70
Question
Is it safe to install all search engine toolbars?
Question 71
Question
Identify the hardware keyloggers.
Answer
- a. Form grabbing
- b. Wireless keyloggers
- c. API
- d. Keyboard overlays
Question 72
Question
Which of the following, when installed on a PC, can include a kernel-based keylogger?
Answer
- a. Trojans
- b. Rootkits
- c. Drive-by downloads
Question 73
Question
The following steps can help you stay protected, except:
Question 74
Question
Select all the programs that will protect your PC.
Answer
- a. KeyScrambler
- b. HiJackThis
- c. Torrent
- d. Comodo
Question 75
Question
Almost all programs contain spyware code.
Question 76
Question
Antivirus software is spyware.
Question 77
Question
There is a difference between legitimate tracking software and spyware.
Question 78
Question
When you visit some websites, you will get a popup asking you to install ActiveX or a similar plug-in. This is known as a drive-by download.
Question 79
Question
The keylogger works in combination with spyware and cannot be programmed to start and end when the user is prompted to enter a username and password in any browser window.
Question 80
Question
Can antivirus and antispyware programs detect the data stored in hardware keyloggers?
Question 81
Question
Zeus can alter the memory table that is associated with your browser and control the logging functions.
Question 82
Question
Amac is a keylogger designed for the Windows operating system.
Question 83
Question
Keyloggers run at ring 0.
Question 84
Question
Built-in firewalls are easy to turn off.
Question 85
Question
What is Netcat?
Answer
- a. Network port scanner
- b. Virus
- c. Trojan
Question 86
Question
Which tool is used to replace the .exe icon?
Answer
- a. Exe icon
- b. Netcat
- c. Sandbox
Question 87
Question
The pattern that can be used to identify a virus is known as:
Answer
- a. Stealth
- b. Virus signature
- c. Armoured
Question 88
Question
Which one of the following is not an attack, but a search for vulnerabilities to attack?
Answer
- a. Denial-of-service
- b. Port scanning
- c. Dumpster diving
Question 89
Question
Which one can’t spread viruses?
Question 90
Question
Programs that come into a computer system disguised as something else are called:
Answer
- a. Spoofers
- b. Loggers
- c. Trojans
Question 91
Question
Nmap stands for?
Answer
- a. Network Mapper
- b. NetBIOS Mapper
- c. Network Map
Question 92
Question
Which is the best way to test or analyse malware?
Question 93
Question
Which is a function of Nmap?
Answer
- a. Virus detection
- b. Malware removal
- c. Network scanning
Question 94
Question
What is the name of a hardware-based malware detection tool?
Answer
- a. Adaptive DarkNet
- b. Dr.Web
- c. McAfee
Question 95
Question
How can malware infection be cured?
Question 96
Question
What is a Trojan-Game Thief?
Question 97
Question
Which step is essential for the organization to be compliant with certain ISOs or other certification bodies?
Question 98
Question
You may give someone your password if:
Answer
- a. It is never OK to give out your password
- b. Your boss asks you for your password
- c. The Helpdesk asks you for your password
- d. You send it by e-mail and change it soon afterwards
Question 99
Question
Find the odd one out.
Answer
- a. ECB
- b. CBC
- c. PKC
- d. OFB
Question 100
Question
Pick the wrong statement(s) about Encryption.
Answer
- a. It is an irreversible process.
- b. It can be used to prove the identity of a person.
- c. Non-repudiation is ensured.
- d. It cannot ensure the integrity of data.