Which program uses different techniques to conceal a malware's code, thereby making it difficult for
security mechanisms to detect or remove it?
Which of these rootkit detection techniques function by comparing a snapshot of the file system,
boot records, or memory with a known and trusted baseline?
Which forensic investigation methodology believes that criminals commit crimes solely to benefit
their criminal enterprises?
Which of the following Linux command searches through the current processes and lists the process
IDs those match the selection criteria to stdout?
Which of these ISO standards define the file system for optical storage media, such as CD-ROM and
In Linux OS, different log files hold different information, which help the investigators to analyze
various issues during a security incident. What information can the investigators obtain from the log
What is the location of a Protective MBR in a GPT disk layout?
Smith is an IT technician that has been appointed to his company's network vulnerability assessment
team. He is the only IT employee on the team. The other team members include employees from
Accounting, Management, Shipping, and Marketing. Smith and the team members are having their
first meeting to discuss how they will proceed. What is the first step they should do to create the
vulnerability assessment plan?
What does Locard's Exchange Principle state?
Which among the following web application threats is resulted when developers expose various
internal implementation objects, such as files, directories, database records, or key-through
Which of the following components within the android architecture stack take care of displaying
windows owned by different applications?
James, a hacker, identifies a vulnerability in a website. To exploit the vulnerability, he visits the login
page and notes down the session ID that is created. He appends this session ID to the login URL and
shares the link with a victim. Once the victim logs into the website using the shared URL, James
reloads the webpage (containing the URL with the session ID appended) and now, he can browse the
active session of the victim. Which attack did James successfully execute?
POP3 is an Internet protocol, which is used to retrieve emails from a mail server. Through which port
does an email client connect with a POP3 server?
In which cloud crime do attackers try to compromise the security of the cloud environment in order
to steal data or inject a malware?
Checkpoint Firewall logs can be viewed through a Check Point Log viewer that uses icons and colors
in the log table to represent different security events and their severity. What does the icon in the
checkpoint logs represent?