Which of the following best describes the primary goal of dynamic malware analysis?
Think about what happens when you run a program to see what it does.
Dynamic analysis involves running malware in a safe environment to watch its actions, such as network connections or file changes. This helps analysts understand its behavior.
Which type of malware is designed to replicate itself and spread to other computers without user intervention?
Consider malware that spreads automatically over networks.
Worms are self-replicating malware that spread independently across networks, unlike Trojans, which require user action.
Given this simplified malware code snippet, what is its likely purpose?
open('secret.txt', 'w').write('Hacked!')
Think about what the 'w' mode does when opening a file.
The code opens 'secret.txt' for writing, which creates the file if it doesn't exist or overwrites it if it does, then writes 'Hacked!'.
Why might signature-based antivirus software fail to detect new malware variants?
Think about how malware tries to avoid being recognized.
Signature-based detection relies on known patterns. Malware authors often modify code to evade these patterns, making detection harder.
Which statement correctly compares static and dynamic malware analysis?
Consider whether the malware is executed or just inspected.
Static analysis looks at the malware's code or files without running it, while dynamic analysis involves executing the malware to see what it does.