Question 281
Which of the following malicious code can have more than one type of trigger, multiple task capabilities, and can replicate itself in more than one manner?
Question 282
Your friend plans to install a Trojan on your computer. He knows that if he gives you a new version of chess.exe, you
will definitely install the game on your computer. He picks up a Trojan and joins it to chess.exe. The size of chess.exe
was 526,895 bytes originally, and after joining this chess file to the Trojan, the file size increased to 651,823 bytes.
When he gives you this new game, you install the infected chess.exe file on your computer. He now performs various
malicious tasks on your computer remotely. But you suspect that someone has installed a Trojan on your computer
and begin to investigate it. When you enter the netstat command in the command prompt, you get the following results:
C:\WINDOWS>netstat -an | find "UDP"
UDP IP_Address:31337 *:*
Now you check the following registry address:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
In the above address, you notice a 'default' key in the 'Name' field having " .exe" value in the
corresponding 'Data' field. Which of the following Trojans do you think your friend may have installed on your
computer on the basis of the above evidence?
Question 283
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully completed the following steps of the pre-attack phase:
l Information gathering
l Determining network range
l Identifying active machines
l Finding open ports and applications
l OS fingerprinting
l Fingerprinting services
Now John wants to perform network mapping of the We-are-secure network. Which of the following tools can he use to accomplish his task?
Each correct answer represents a complete solution. Choose all that apply.
Question 284
Mark works as a Network Administrator for Perfect Inc. The company has both wired and wireless networks.
An attacker attempts to keep legitimate users from accessing services that they require. Mark uses IDS/IPS sensors on the wired network to mitigate the attack. Which of the following attacks best describes the attacker's intentions?
Question 285
Which of the following netcat parameters makes netcat a listener that automatically restarts itself when a connection is dropped?
