Q. Why must security and antivirus programs reside at a low enough level in the operating system?

View solution

Q. At what level could a malicious program theoretically infect a program?

View solution

Q. Why is it problematic if a malicious program alters an extremely low-level component?

View solution

Q. What is the main goal of backdoor access for many malicious programs?

View solution

Q. What are Denial-of-Service (DoS) attacks?

View solution

Q. What is the basic problem with malware?

View solution

Q. Why can't encryption-based approaches address the vulnerability of malware?

View solution

Q. What are some ways to hide malicious software?

View solution

Q. What is the most powerful analysis method for analyzing malware?

View solution

Q. What are antireversing techniques?

View solution

Q. What is the easiest way for antivirus programs to identify malicious programs?

View solution

Q. What is polymorphism?

View solution

Q. What is the weakness of polymorphism-based solutions?

View solution

Q. How does polymorphism prolong the analysis process of a malicious program?

View solution

Q. What is the potential weakness of the decryption code in a polymorphic program?

View solution

Q. What is required before entering a function that can be polymorphed?

View solution

Q. What is metamorphism in the context of malware?

View solution

Q. What is the benefit of using metamorphism in malware?

View solution

Q. What is required for a metamorphic engine to work?

View solution

Q. What kind of alterations can be automatically applied to a program by a metamorphic engine?

View solution