adplus-dvertising
frame-decoration

Question

How does polymorphism prolong the analysis process of a malicious program?

a.

By encrypting the program using a static key.

b.

By decrypting the program at runtime.

c.

By maintaining the original functionality of the program.

d.

By encrypting the program using a random key.

Posted under Reverse Engineering

Answer: (d).By encrypting the program using a random key. Explanation:Polymorphism prolongs the analysis process of a malicious program by encrypting the program using a random key, which makes each copy of the program entirely different and prevents accurate identification of the program through virus signatures.

Engage with the Community - Add Your Comment

Confused About the Answer? Ask for Details Here.

Know the Explanation? Add it Here.

Q. How does polymorphism prolong the analysis process of a malicious program?

Similar Questions

Discover Related MCQs

Q. What is the potential weakness of the decryption code in a polymorphic program?

Q. What is required before entering a function that can be polymorphed?

Q. What is metamorphism in the context of malware?

Q. What is the benefit of using metamorphism in malware?

Q. What is required for a metamorphic engine to work?

Q. What kind of alterations can be automatically applied to a program by a metamorphic engine?

Q. What is a metamorphic engine?

Q. What are some parameters that can be randomized by a metamorphic engine?

Q. How does reversing a condition affect the program's code?

Q. What is garbage insertion?

Q. How can metamorphic engines make malware more difficult to identify?

Q. What should you do before attempting to analyze malware?

Q. What is the recommended method for transferring executables to the test system?

Q. Why is it important to rename the malicious program with a nonexecutable extension?

Q. What is the Trojan/Backdoor.Hacarmy.D?

Q. What is the file extension used for screen savers?

Q. What is the purpose of using a file name like "Webcam Shots.scr" for the Trojan?

Q. How is the Trojan/Backdoor.Hacarmy.D typically distributed?

Q. What is the purpose of running an executable through DUMPBIN or a similar program?

Q. What is UPX?