When an IDS system looks for a pattern indicating a known worm, what type of detection method is it using?
A. Signature-based
B. Anomaly-based
C. Statistical
D. Monitored
Answer: A
Why would an incident handler acquire memory on a system being investigated?
A. To determine whether a malicious DLL has been injected into an application
B. To identify whether a program is set to auto-run through a registry hook
C. To list which services are installed on the system
D. To verify which user accounts have root or admin privileges on the system
Answer: C