GIAC Reverse Engineering Malware - GREM무료 덤프문제 풀어보기
What does it imply if a .NET malware sample contains calls to the
System.Reflection.Assembly.Load method?
System.Reflection.Assembly.Load method?
정답: D
What features should a malware analysis lab have to ensure effective analysis? (Choose Three)
정답: A,B,C
What is a common sign that a PDF might be malicious?
정답: D
Which malware technique involves injecting code into a legitimate process to execute malicious activities?
정답: D
IsDebuggerPresent() returns false but debugging artifacts are detected. What is the malware likely doing?
정답: B
Why might a malware analyst examine the conditional statements within a malware's assembly code?
정답: D
Which of the following tools or methods can be effectively used to analyze malicious RTF files?
(Choose Two)
(Choose Two)
정답: A,C
Which of the following are common flow control instructions used in malware? (Choose two)
정답: C,D
A malware dynamically allocates RWX memory and copies code into it. What is the BEST indication for next analysis step?
정답: C
Which instructions or constructs are essential to understand when analyzing malware for anti- analysis techniques? (Choose Two)
정답: B,C
What is the purpose of employing anti-disassembly techniques in malware?
정답: D