Correct Answers
A user used an administrator account to download and install a software application.
After the user launched the .exe extension installer file, the user experienced frequent
crashes, slow computer performance, and strange new services running when turning
on the computer. It seems like there are more and more services running over time.
What most likely happened to cause these issues? - ✔✔ - The user installed Trojan
horse malware.
A security operations center (SOC) analyst investigates the propagation of a memory-
resident virus across the network and notices a rapid consumption of network
bandwidth, causing a Denial of Service (DoS). What type of virus is this? - ✔✔ - A worm
A user purchased a laptop from a local computer shop. After powering on the laptop for
the first time, the user noticed a few programs like Norton Antivirus asking for
permission to install. How would an IT security specialist classify these programs? - ✔✔
- PUP
Fileless malicious software can replicate between processes in memory on a local
host or over network shares. What other behaviors and techniques would classify
malware as fileless rather than a normal virus? (Select all that apply.) - ✔✔ - -Uses
lightweight shellcode
-Uses low observable characteristic attacks
An attacker is planning to set up a backdoor that will infect a set of specific computers at
an organization, to inflict a set of other intrusion attacks remotely. Which of the following
will support the attacker's plan? (Select all that apply.) - ✔✔ - -Computer Bots
-Command & Control
If a user's computer becomes infected with malware and used as part of a botnet, which
of the following actions can be initiated by the attacker? (Select all that apply.) - ✔✔ - -
Launch a Distributed Denial of Service (DDoS) attack
-Launch a mass-mail spam attack
-Establish a connection with a Command and Control server
If a user's device becomes infected with crypto-malware, which of the following would
have been the best way to mitigate this compromise? - ✔✔ - Have up-to-date backups.
A security specialist discovers a malicious script on a computer. The script is set to
execute if the administrator's account becomes disabled. What type of malware did the
specialist discover? - ✔✔ - A logic bomb
End-users at an organization contact the cybersecurity department and report that, after
downloading a file, they are being redirected to shopping websites to which they did not
intend to navigate, and built-in webcams turn on. The security team confirms the issue
as malicious, and notes modified DNS (Domain Name System) queries that go to
nefarious websites hosting malware. What most likely happened to the users'
computers? - ✔✔ - Spyware infected the computers.
An attacker installs Trojan malware that can execute remote backdoor commands, such
as the ability to upload files and install software to a victim PC. What type of Trojan
malware is this? - ✔✔ - A Remote Access Trojan (RAT)
A hacker is trying to gain remote access to a company computer by trying brute force
password attacks using a few common passwords in conjunction with multiple
usernames. What specific type of password attack is the hacker most likely performing?
- ✔✔ - Password spraying attack