Q. Why would a clever malicious program install itself as a filesystem filter?

View solution

Q. Where must security and antivirus programs reside in order to prevent malicious programs from distorting their view of the system?

View solution

Q. What is firmware?

View solution

Q. Can firmware be updated at the customer site using a special firmware-updating program?

View solution

Q. What could a clever malicious program do to avoid detection by an antivirus program?

View solution

Q. Why must security and antivirus programs reside at a low enough level in the operating system?

View solution

Q. At what level could a malicious program theoretically infect a program?

View solution

Q. Why is it problematic if a malicious program alters an extremely low-level component?

View solution

Q. What is the main goal of backdoor access for many malicious programs?

View solution

Q. What are Denial-of-Service (DoS) attacks?

View solution

Q. What is the basic problem with malware?

View solution

Q. Why can't encryption-based approaches address the vulnerability of malware?

View solution

Q. What are some ways to hide malicious software?

View solution

Q. What is the most powerful analysis method for analyzing malware?

View solution

Q. What are antireversing techniques?

View solution

Q. What is the easiest way for antivirus programs to identify malicious programs?

View solution

Q. What is polymorphism?

View solution

Q. What is the weakness of polymorphism-based solutions?

View solution

Q. How does polymorphism prolong the analysis process of a malicious program?

View solution

Q. What is the potential weakness of the decryption code in a polymorphic program?

View solution