Q:(1).. One name for a backdoor virus is _____. Once access is enabled, it may hide ______.
(a)..Stealth, files
(b)..Rootkit, traces of unauthorized access
(c)..Hidden Key, unauthorized access
(d)..Worm, unauthorized access
Answer:- (b)..Rootkit, traces of unauthorized access
Reason:- A backdoor virus is malicious code that, by exploiting system flaws and vulnerabilities, is used to facilitate remote unauthorized access to a computer system or program. A rootkit can be used to open a backdoor, allowing hackers into a system.
Q:(2).. A password cracker is an attack tool. Which of the following is also a type of attack tool?
(a)..Rootkit Revealer
(b)..Network sniffer
(c)..TDSSKiller
(d)..All of the above
Answer:- (b)..Network sniffer
Reason:- A network sniffer, also known as a packet analyzer, is either software or hardware that can intercept data packets as they travel across a network, and it is a type of attack tool.
Q:(3).. knark hides or unhides files or directories. It:
(a)..uses system call redirection to hide its presence.
(b)..hides TCP or UDP connections.
(c)..is a loadable kernel module.
(d)..All of the above
Answer:- (d)..All of the above
Reason:- knark hides or unhides files or directories. It uses system call redirection to hide its presence, hides TCP or UDP connections, and is a loadable kernel module.
Main Definition:- knark by Creed (creed at sekure dot net) hides files, processes, services, redirects commands, and can give root privileges. ... It can hide processes, files, connections, redirect execution, and execute commands. It hides itself and can remove security modules already loaded.
Q:(4).. Which of following is true for signature-based IDS?
(a)..They can easily detect known attacks.
(b)..They can detect new attacks for which no pattern is there.
(c)..They have high false positive rates.
(d)..All of the mentioned
Answer:- (a)..They can easily detect known attacks.
Reason:- Signature-based IDS refers to the detection of attacks by looking for specific patterns, such as byte sequences in network traffic, or known malicious instruction sequences used by malware. This terminology originates from anti-virus software, which refers to these detected patterns as signatures.
Q:(5).. If we talk about stack-based IDS, which of the following is/are correct?
(a)..They are integrated with the TCP/IP stack.
(b)..They pull the packet from the stack before the OS.
(c)..Both (a). and (b).
(d)..None of the above
Answer:- (c)..Both (a). and (b).
Reason:- A stack-based IDS is a technology that is integrated with the TCP/IP stack. This integration allows the IDS to watch the packets, and the IDS then pulls the packet from the stack before the OS.