Defense4

Can you name the Defense4?

question
Beginning of file with destructive overwrite: 2 methods: _______*.exe with a virus *.exe or _____ only the _____
This type of virus obscures its own entry point by finding a call instruction in the targeted PE file and 'hijacking' the call so that the virus code is called instead
What are the 3 major tasks of anti-virus software:
In terms of detection errors, which cause more trouble: false pos or false neg?
this virus overwrote at a random location in the *.exe file
this (in terms of anti-virus detection) is the false claim that a virus has been detected
an example of an IAT replacement (EPO) virus
most scanners are typically run through user settings. these are called
in this type of virus, the application code is compressed and the virus code plus decompressor code fits into the space that was save
to find a function call, a virus can scan the _____ section
this is a boot sector virus created in 1987
this section gives information to be used if the program has to be relocated during execution; ie reloaded at a different load point and provides a large cavity for viruses to use
The ____ is the function pointer table that exports the API that the user application is presenting to outside callers; these functions can be saved in virus body and replaced wit
these are typical when comparing self-extracting archives and compressed viruses
This type of virus creator often searched for space within a file that is filled with zeros or ascii blanks
virus detection is generally done through on-demand or on-access ____
Vienna and suicide are famous examples of what kind of virus that saves the overwritten instructions in the virus
 
This worm secretly monitors and reprograms industrial control systems; it contains 4 zero-day vulnerabilities and 2 stolen digital certificates
this (in terms of anti-virus detection) is the failure to detect a virus on a system being scanned
*.exe, *.com, and *.bat are examples of
This 1191 DOS normal COM example used many techniques including appending, memory resident, hooks interrupts, multiple variants
these types of tools are often used to examine infected code


More By:
blondiekat3
