March 25
Sec+ Certmaster CE Complete Questions and Correct Detailed
Answers (Verified Answers)
A user used an administrator account to download and install a software
application. After the user launched the .exe extension installer file, the user
experienced frequent crashes, slow computer performance, and strange new services
running when turning on the computer. It seems like there are more and more
services running over time. What most likely happened to cause these issues?
Ans: The user installed Trojan horse malware.
A security operations center (SOC) analyst investigates the propagation of a
memory-resident virus across the network and notices a rapid consumption of
network bandwidth, causing a Denial of Service (DoS). What type of virus is this?
Ans: A worm
A user purchased a laptop from a local computer shop. After powering on the laptop
for the first time, the user noticed a few programs like Norton Antivirus asking for
permission to install. How would an IT security specialist classify these programs?
Ans: PUP
A fileless malicious software can replicate between processes in memory on a local
host or over network shares. What other behaviors and techniques would classify
malware as fileless rather than a normal virus? (Select all that apply.)
pg. 1
, March 25
Ans: -Uses lightweight shellcode
-Uses low observable characteristic attacks
An attacker is planning to set up a backdoor that will infect a set of specific
computers at an organization, to inflict a set of other intrusion attacks remotely.
Which of the following will support the attackers' plan? (Select all that apply.)
Ans: -Computer Bots
-Command & Control
If a user's computer becomes infected with malware and used as part of a botnet,
which of the following actions can be initiated by the attacker? (Select all that apply.)
Ans: -Launch a Distributed Denial of Service (DDoS) attack
-Launch a mass-mail spam attack
-Establish a connection with a Command and Control server
If a user's device becomes infected with crypto-malware, which of the following
would have been the best way to mitigate this compromise?
Ans: Have up-to-date backups.
A security specialist discovers a malicious script on a computer. The script is set to
execute if the administrator's account becomes disabled. What type of malware did
the specialist discover?
pg. 2
Sec+ Certmaster CE Complete Questions and Correct Detailed
Answers (Verified Answers)
A user used an administrator account to download and install a software
application. After the user launched the .exe extension installer file, the user
experienced frequent crashes, slow computer performance, and strange new services
running when turning on the computer. It seems like there are more and more
services running over time. What most likely happened to cause these issues?
Ans: The user installed Trojan horse malware.
A security operations center (SOC) analyst investigates the propagation of a
memory-resident virus across the network and notices a rapid consumption of
network bandwidth, causing a Denial of Service (DoS). What type of virus is this?
Ans: A worm
A user purchased a laptop from a local computer shop. After powering on the laptop
for the first time, the user noticed a few programs like Norton Antivirus asking for
permission to install. How would an IT security specialist classify these programs?
Ans: PUP
A fileless malicious software can replicate between processes in memory on a local
host or over network shares. What other behaviors and techniques would classify
malware as fileless rather than a normal virus? (Select all that apply.)
pg. 1
, March 25
Ans: -Uses lightweight shellcode
-Uses low observable characteristic attacks
An attacker is planning to set up a backdoor that will infect a set of specific
computers at an organization, to inflict a set of other intrusion attacks remotely.
Which of the following will support the attackers' plan? (Select all that apply.)
Ans: -Computer Bots
-Command & Control
If a user's computer becomes infected with malware and used as part of a botnet,
which of the following actions can be initiated by the attacker? (Select all that apply.)
Ans: -Launch a Distributed Denial of Service (DDoS) attack
-Launch a mass-mail spam attack
-Establish a connection with a Command and Control server
If a user's device becomes infected with crypto-malware, which of the following
would have been the best way to mitigate this compromise?
Ans: Have up-to-date backups.
A security specialist discovers a malicious script on a computer. The script is set to
execute if the administrator's account becomes disabled. What type of malware did
the specialist discover?
pg. 2
