



















ALBERTA MALWARE ANALYST EXAM QUESTIONS AND CORRECT ANSWERS (VERIFIED ANSWERS) PLUS RATIONALE 2026 Q&A|INSTANT DOWNLOAD PDF
Typology: Exams




















1. What is malware?
A. Hardware component
B. Malicious software designed to harm systems
C. Network cable
D. Encryption tool
Answer: B
Malware is software created to damage or exploit systems.

2. What is a virus in malware terms?
A. Self-replicating malicious program attached to files
B. Firewall system
C. Database system
D. Backup tool
Answer: A
Spreads by infecting files and programs.

3. What is a worm?
A. Hardware bug
B. Self-replicating malware that spreads over networks
C. Encryption tool
D. Antivirus system
Answer: B
Spreads without user action.

4. What is a trojan horse?
A. Useful software only
B. Malware disguised as legitimate software
C. Firewall system
D. Backup system
Answer: B
Tricks users into executing malware.

5. What is ransomware?
A. Data backup tool
B. Malware that encrypts files and demands payment
C. Firewall system
D. Compression tool
Answer: B
Extorts victims by locking data.

6. What is spyware?
A. Antivirus tool
B. Malware that secretly collects user data
C. Backup system
D. Encryption system
Answer: B
Steals sensitive information silently.

7. What is adware?
A. Malware displaying unwanted ads
B. Firewall system
C. Backup tool
D. Encryption system
Answer: A
Generates unwanted advertisements.

12. What is a malware signature?
A. User password
B. Unique pattern used for detection
C. Firewall rule
D. Backup file
Answer: B
Used in antivirus detection.

13. What is static analysis?
A. Running malware
B. Examining malware without execution
C. Deleting malware
D. Encrypting malware
Answer: B
Safe analysis method.

14. What is dynamic analysis?
A. No execution
B. Running malware in a controlled environment
C. Backup system
D. Encryption system
Answer: B
Observes behavior in real time.

15. What is a sandbox?
A. Production environment
B. Isolated environment for malware testing
C. Firewall system
D. Database system
Answer: B
Prevents system damage.

16. What is reverse engineering?
A. Writing malware
B. Breaking malware down to understand behavior
C. Backup process
D. Encryption system
Answer: B
Used for deep malware analysis.

17. What is obfuscation?
A. Data backup
B. Hiding malware code structure
C. Firewall rule
D. Encryption only
Answer: B
Makes analysis harder.

18. What is packing in malware?
A. Compression for storage
B. Hiding malware inside compressed/encrypted form
C. Backup system
D. Logging system
Answer: B
Used to evade detection.

19. What is unpacking?
A. Deleting malware
B. Extracting original malware code

A. Backup tool
B. Malware recording keystrokes
C. Firewall system
D. Encryption tool
Answer: B
Steals passwords and data.

24. What is a botnet?
A. Antivirus system
B. Network of infected devices
C. Backup system
D. Encryption system
Answer: B
Used for large-scale attacks.

25. What is command and control (C2)?
A. Backup system
B. Remote attacker control server
C. Firewall system
D. Database system
Answer: B
Controls infected machines.

26. What is beaconing in malware?
A. Data backup
B. Regular communication to attacker server
C. Encryption process
D. Logging process
Answer: B
Indicates active infection.

27. What is a persistence mechanism?
A. System shutdown
B. Keeping malware active after reboot
C. Backup system
D. Firewall system
Answer: B
Ensures long-term infection.

28. What is registry key modification?
A. Backup method
B. Technique for malware persistence
C. Encryption system
D. UI system
Answer: B
Used to survive reboot.

29. What is antivirus heuristic detection?
A. Signature-based only
B. Behavior-based detection
C. Backup system
D. Encryption system
Answer: B
Detects unknown malware.

30. What is a false positive in malware detection?
A. Real malware
B. Legitimate file flagged as malicious
C. Backup system
D. Encryption system
Answer: B
Incorrect detection.

Answer: B
Makes malware invisible.

35. What is memory analysis?
A. Disk storage
B. Examining RAM for malware traces
C. UI system
D. Backup system
Answer: B
Detects fileless malware.

36. What is network traffic analysis?
A. UI design
B. Monitoring network for malicious activity
C. Backup system
D. Coding system
Answer: B
Detects command and control traffic.

37. What is a malware signature database?
A. UI system
B. Collection of known malware patterns
C. Backup system
D. Encryption system
Answer: B
Used by antivirus engines.

38. What is zero-day malware?
A. Known threat
B. Malware exploiting an unknown vulnerability
C. Backup system
D. Firewall system
Answer: B
No existing patch available.

39. What is an exploit kit?
A. Antivirus tool
B. Toolkit for exploiting vulnerabilities
C. Backup system
D. Encryption system
Answer: B
Automates attacks.

40. What is a malware dropper?
A. Backup tool
B. Installs other malware
C. Firewall system
D. Encryption system
Answer: B
Initial infection stage.

41. What is cryptojacking malware?
A. Data backup
B. Uses system to mine cryptocurrency
C. Firewall system
D. Encryption tool
Answer: B
Steals computing power.

42. What is a polymorphic engine?

46. What is malware classification?
A. Random grouping
B. Categorizing malware types
C. Backup system
D. Encryption system
Answer: B
Helps structured analysis.

47. What is incident response in a malware case?
A. Coding process
B. Handling malware infection
C. UI design
D. Database system
Answer: B
Stops and mitigates attacks.

48. What is the malware removal process?
A. Backup
B. Eliminating malicious software
C. Encryption
D. Logging
Answer: B
Cleans infected systems.

49. What is the malware analyst role?
A. Coding apps
B. Analyze and reverse engineer malware
C. UI design
D. Hardware repair
Answer: B
Focuses on malware understanding.

50. What is the ultimate goal of malware analysis?
A. Spread malware
B. Understand, detect, and prevent malware
C. UI design
D. Data storage
Answer: B
Protects systems from malicious software.

51. What is an advanced malware persistence technique?
A. Temporary execution
B. Surviving reboot and system cleanup
C. File deletion
D. Logging only
Answer: B
Ensures malware stays active long-term.

52. What is kernel-level malware?
A. User application
B. Malware operating in OS kernel space
C. Browser extension
D. Firewall tool
Answer: B
Very hard to detect and remove.

53. What is user-mode malware?
A. Runs in BIOS
B. Runs in normal application space
C. Runs in hardware
D. Runs in firmware only
Answer: B
Easier to detect than kernel malware.

Answer: B
Executes payload in system memory.

58. What is a malware callback mechanism?
A. Backup request
B. Contacting attacker server
C. Encryption method
D. Logging system
Answer: B
Used for command and control.

59. What is a C2 encryption channel?
A. Public network
B. Secure attacker communication channel
C. Database link
D. Backup system
Answer: B
Hides attacker communication.

60. What is domain fronting in malware?
A. Firewall rule
B. Hiding malicious traffic behind trusted domains
C. Backup method
D. Encryption system
Answer: B
Evades detection systems.

61. What is a living-off-the-land (LOTL) attack?
A. Hardware attack
B. Using legitimate system tools maliciously
C. Backup system
D. Antivirus method
Answer: B
Avoids detection by using trusted tools.

62. What is PowerShell malware?
A. Hardware issue
B. Malware using Windows PowerShell scripts
C. Firewall system
D. Backup tool
Answer: B
Common fileless attack method.

63. What is WMI abuse in malware?
A. UI system
B. Using Windows Management Instrumentation for attacks
C. Encryption system
D. Backup system
Answer: B
Used for stealth persistence.

64. What is registry persistence?
A. Backup system
B. Malware surviving through registry entries
C. Firewall rule
D. Encryption system
Answer: B
Ensures reboot survival.

65. What is a memory injection attack?

69. What is a privilege escalation exploit?
A. Data backup
B. Gaining higher system permissions
C. Encryption system
D. Firewall rule
Answer: B
Common malware objective.

70. What is an anti-debugging technique?
A. Detection method
B. Preventing malware analysis
C. Backup system
D. Logging system
Answer: B
Used to evade analysts.

71. What is anti-VM detection?
A. Malware detection
B. Avoiding virtual machine environments
C. Backup system
D. Firewall system
Answer: B
Evades sandbox analysis.

72. What is time-based evasion?
A. Encryption system
B. Delaying execution to avoid detection
C. Backup system
D. Logging system
Answer: B
Avoids sandbox time limits.

73. What is sandbox fingerprinting?
A. Malware deletion
B. Detecting analysis environment
C. Backup system
D. Firewall system
Answer: B
Helps malware evade detection.

74. What is a malware crypter?
A. Encryption tool
B. Tool to encrypt and obfuscate malware
C. Firewall system
D. Backup system
Answer: B
Hides malicious code.

75. What is steganography in malware?
A. Compression
B. Hiding data inside images/files
C. Backup system
D. Logging system
Answer: B
Conceals malicious payloads.

76. What is botnet C2 rotation?
A. Static server
B. Changing command servers
C. Backup system
D. Encryption system