Questions and Correct Answers
System log files
You believe your system has been hacked. Which of the following is the first thing
you should check?
A black hat hacker
Who would be most likely to erase only parts of the system log files?
auditpol
Phil, a hacker, has found his way into a secure system. He is looking for a Windows
utility he can use to retrieve, set, back up, and restore logging policies. Which of
the following utilities should he consider?
Hiding evidence
Which of the following could a hacker use Alternate Data Streams (ADS) for?
touch
James, a hacker, has hacked into a Unix system and wants to change the
timestamps on some files to hide his tracks. Which of the following timestamp
tools would he most likely use?
A tool that can remove files and clear internet browsing history. It also frees up
hard disk space. It clears the temporary files, history, and cookies from each of the
six major search engines.
Which of the following best describes CCleaner?
Malicious alternate data streams
Mark is moving files from a device that is formatted using NTFS to a device that is
formatted using FAT. Which of the following is he trying to get rid of?
Sirefef
What is also known as ZeroAccess and has virus, Trojan horse, and rootkit
components?
Integrity-based
Jerry runs a tool to scan a clean system to create a database. The tool then scans
the system again and compares the second scan to the clean database. Which of
the following detection methods is Jerry using?
Searches for execution path hooking, which allows a function value in an
accessible environment to be changed
Which of the following best describes the heuristic or behavior-based detection
method?
Steganography
The method of embedding data into legitimate files like graphics to hide it and
then extracting the data once it reaches its destination is called:
Steganography
Cameron wants to send secret messages to his friend Brandon, who works at a
competitor's company. To secure these messages, he uses a technique to hide a
secret message within a video. Which of the following techniques is he using?
A crypter can encrypt, obfuscate, and manipulate malware to make it difficult to
detect
The program shown is a crypter. Which of the following best defines what this
program does?
CAN-SPAM Act
Which of the following laws is designed to regulate emails?
Launch
A virus replicated itself throughout the infected systems and is executing its
payload. Which of the following phases of the virus lifecycle is the virus in?
Worm
Heather is performing a penetration test of her client's malware protection. She
had developed a malware program that doesn't require any user interaction and
wants to see how far it will spread through the network. Which of the following
types of malware is she using?
Dropper
Which of the following parts of the Trojan horse packet installs the malicious code
onto the target machine?
Trojan horse
Heather wants to gain remote access to Randy's machine. She has developed a
program and hidden it inside a legitimate program that she is sure Randy will
install on his machine. Which of the following types of malware is she using?