9/4/24, 12:23 AM Individual Response

14.7.9 Practice Questions

Candidate: Johnaton Jameer ([email protected])
Date: 9/4/2024, 12:23:18 AM • Time Spent: 08:54
Score: 100% Passing Score: 80%

https://labsimapp.testout.com/v6_0_611/exam-engine.html/3b363122-8ae1-43a0-838d-9e1bb3046441/exam-session/437367/c3fbb88d-3957-480a-b… 1/11
9/4/24, 12:23 AM Individual Response

Question 1. Correct

While browsing the internet, you notice that your browser displays pop-ups containing
advertisements that are related to recent keyword searches that you have performed.

Which of the following is this an example of?

Adware

Worm

Grayware

Trojan

Explanation

Adware monitors actions that denote personal preferences and then sends pop-ups and ads
that match those preferences. Adware is:

Usually passive.

Invasive.

Installed on your machine when you visit a website or run an application.

Usually more annoying than harmful.

A worm is a self-replicating virus.

Grayware is software that might offer a legitimate service, but also includes features that you
aren't aware of or features that could be used for malicious purposes.

A Trojan horse is a malicious program that is disguised as legitimate or desirable software.

References

14.7.1 Malware
14.7.2 Malware Facts
q_sec_sw_adware_ex_pp7.question.fex

https://labsimapp.testout.com/v6_0_611/exam-engine.html/3b363122-8ae1-43a0-838d-9e1bb3046441/exam-session/437367/c3fbb88d-3957-480a-b… 2/11
9/4/24, 12:23 AM Individual Response

Question 2. Correct

Which of the following are the most common means of virus distribution? (Select two.)

Music files from the internet

Floppy disks

Email

Malicious websites

Commercial software CDs

Explanation

Email is the most common means of virus distribution. Often, viruses employ self-contained
SMTP servers to facilitate self-replication and distribution over the internet. Viruses are able to
spread quickly and broadly by exploiting the communication infrastructure of internet email.

Malicious websites are also frequently used for virus distribution. For this reason, it is
important to keep your antivirus software updated so as to block any possible attempts by
viruses to infect your systems or to spread to other systems from your system.

Floppy disks are rarely used and normally pose no virus distribution threat.

Downloaded music files and commercial software CDs all have the potential to spread viruses,
but they are not as commonly employed.

References

14.7.1 Malware
14.7.2 Malware Facts
q_sec_sw_common_virus_distrib_methods_pp7.question.fex

https://labsimapp.testout.com/v6_0_611/exam-engine.html/3b363122-8ae1-43a0-838d-9e1bb3046441/exam-session/437367/c3fbb88d-3957-480a-b… 3/11
9/4/24, 12:23 AM Individual Response

Question 3. Correct

Which of the following describes spyware?

It is a malicious program that is disguised as legitimate software.

It monitors the actions you take on your machine and sends the
information back to the originating source.

It monitors the actions of a user and then sends pop-up ads to the user
that match their tastes.

It is a program that attempts to damage a computer system and

replicate itself to other computer systems.

Explanation

Spyware monitors the actions you take on your machine and sends the information back to
the originating source.

Adware monitors the actions of a user that denote their personal preferences and then sends
pop-ups and ads to the user that match their tastes.

A virus is a program that attempts to damage a computer system and replicate itself to other
computer systems.

A Trojan horse is a malicious program that is disguised as legitimate software.

References

14.7.1 Malware

14.7.2 Malware Facts

q_sec_sw_spyware_def_pp7.question.fex

https://labsimapp.testout.com/v6_0_611/exam-engine.html/3b363122-8ae1-43a0-838d-9e1bb3046441/exam-session/437367/c3fbb88d-3957-480a-b… 4/11
9/4/24, 12:23 AM Individual Response

Question 4. Correct

Anna, a user, downloaded a free PDF editing application from the internet. Now her laptop
constantly displays desktop pop-ups, and several applications don't start.

Which of the following types of malware was Anna the victim of?

Social engineering

Worm

Trojan

Spyware

Explanation

A Trojan, or Trojan horse, is a type of malware that is often disguised as legitimate software.

Spyware is malware that monitors a user's behavior without their knowledge. Spyware often
secretly gathers information about a person or organization and relays this data to other
parties.

Social engineering is a way of manipulating people so that they give up confidential

information, such as passwords, bank information, or access to a computer.

A worm is a type of malware that exploits vulnerabilities in an operating system and often
spreads to other computers by replicating itself.

References

14.7.1 Malware

14.7.2 Malware Facts

q_sec_sw_trojan_attack_ex_pp7.question.fex

https://labsimapp.testout.com/v6_0_611/exam-engine.html/3b363122-8ae1-43a0-838d-9e1bb3046441/exam-session/437367/c3fbb88d-3957-480a-b… 5/11
9/4/24, 12:23 AM Individual Response

Question 5. Correct

Which of the following is a program that appears to be a legitimate application, utility, game,
or screen saver, but performs malicious activities surreptitiously?

Worm

Trojan horse

Ransomware

Scareware

Explanation

A Trojan horse is a program that appears to be a legitimate application, utility, game, or

screen saver, but performs malicious activities surreptitiously. Trojan horses are commonly
internet downloads. To keep your systems secure and free from such malicious code, you
need to take extreme caution when downloading any type of file from just about any site on
the internet. If you don't fully trust the site or service that is offering a file, don't download it.

Ransomware is a form of malware that denies access to an infected computer system until
the user pays a ransom.

A worm is a type of malicious code similar to a virus. A worm's primary purpose is to duplicate
itself and spread, while not necessarily intentionally damaging or destroying resources.

Scareware is a scam that fools users into thinking that they have some form of malware on
their system. The intent of the scam is to sell the user fake antivirus software to remove
malware that they don't have.

References

14.7.1 Malware
14.7.2 Malware Facts
q_sec_sw_trojan_def_pp7.question.fex

https://labsimapp.testout.com/v6_0_611/exam-engine.html/3b363122-8ae1-43a0-838d-9e1bb3046441/exam-session/437367/c3fbb88d-3957-480a-b… 6/11
9/4/24, 12:23 AM Individual Response

Question 6. Correct

You are troubleshooting a malware infection. As part of the remediation process, you have
used a USB drive to boot into a lightweight version of Windows.

Which of the following did you MOST likely boot into?

Sheep dip computer

WinPE

Safe Mode

System Restore

Explanation

In this scenario, you have most likely booted into a WinPE environment. A Windows Pre-
Installation environment (WinPE) is a lightweight version of Windows that boots from a USB
drive and is typically used to help deploy Windows in an enterprise environment or to
troubleshoot Windows issues.

Safe Mode boots Windows with the minimal drivers and applications. Safe Mode is not what
was described in this scenario.

System Restore is used to roll Windows back to a previous image. System Restore is not what
was described in this scenario.

A sheep dip computer is a special computer that is used for malware analysis and
remediation. A sheep dip computer is not what was described in this scenario.

References

14.7.7 Malware Removal Best Practice

14.7.8 Malware Removal Best Practice Facts
q_malware_removal_boot_into_winpe_pp7.question.fex

https://labsimapp.testout.com/v6_0_611/exam-engine.html/3b363122-8ae1-43a0-838d-9e1bb3046441/exam-session/437367/c3fbb88d-3957-480a-b… 7/11
9/4/24, 12:23 AM Individual Response

Question 7. Correct

You have been tasked with removing malware from an infected system. You have confirmed
that there is an infection, and you continue running scans and removing the malware, but
every time the system is rebooted, the malware comes back.

Which of the following should you do to help prevent this from happening?

Quarantine the system

Boot into Safe Mode

Use a different anti-malware program

Disable Windows System Restore

Explanation

The first step in the remediation process is to disable Windows System Restore. Many
malware programs embed copies of themselves in the System Restore files so that if the
computer is rebooted or a System Restore is attempted, the malware simply reinfects the
machine. By disabling System Restore, the malware copy is removed and should not be able
to reinfect the system.

Malware scans should be done in Safe Mode, but booting into Safe Mode will not prevent the
malware from reinfecting the system upon a reboot.

Quarantining the system will not prevent the malware from reinfecting the system upon a
reboot.

Using a different anti-malware program does not solve this problem.

References

14.7.7 Malware Removal Best Practice

14.7.8 Malware Removal Best Practice Facts
q_malware_removal_disable_wre_solution_pp7.question.fex

https://labsimapp.testout.com/v6_0_611/exam-engine.html/3b363122-8ae1-43a0-838d-9e1bb3046441/exam-session/437367/c3fbb88d-3957-480a-b… 8/11
9/4/24, 12:23 AM Individual Response

Question 8. Correct

Which of the following should you do FIRST when you suspect a malware infection?

Quarantine the infected system.

Disable Windows System Restore.

Run a deep malware scan.

Investigate and verify the malware symptoms.

Explanation

When you suspect a malware infection, you should investigate and verify that the symptoms
are not from other causes before taking further steps.

Perform the other options after you have investigated and verified the symptoms.

References

14.7.7 Malware Removal Best Practice

14.7.8 Malware Removal Best Practice Facts

q_malware_removal_investigate_malware_pp7.question.fex

https://labsimapp.testout.com/v6_0_611/exam-engine.html/3b363122-8ae1-43a0-838d-9e1bb3046441/exam-session/437367/c3fbb88d-3957-480a-b… 9/11
9/4/24, 12:23 AM Individual Response

Question 9. Correct

Which of the following should you do immediately after a malware infection is confirmed?

Quarantine the infected system.

Run a deep malware scan.

Boot to a Windows Pre-installation Environment (WinPE).

Disable Windows System Restore.

Explanation

If a malware infection is confirmed, you should immediately quarantine the system to prevent
the malware from spreading through the network. You should remove the device from the
network and disconnect any shared drives or connections.

Perform the other options after the malware infection is confirmed.

References

14.7.7 Malware Removal Best Practice

14.7.8 Malware Removal Best Practice Facts
q_malware_removal_quarantine_system_pp7.question.fex

https://labsimapp.testout.com/v6_0_611/exam-engine.html/3b363122-8ae1-43a0-838d-9e1bb3046441/exam-session/437367/c3fbb88d-3957-480a-… 10/11
9/4/24, 12:23 AM Individual Response

Question 10. Correct

After a malware infection has been fully remediated, you should re-enable System Restore
and run a full system backup.

Which of the following is the BEST place to save this backup?

In the cloud

On an external drive

On the main hard drive on your computer

On the secondary drive on your computer

Explanation

After your computer has been cleared of a malware infection, perform a full system backup
and save it to an external drive.

While a backup can be saved to the cloud, it's recommended to save the backup to an external
drive so that the backup can be easily accessed and restored if needed.

Never save the backup to any drive inside of your computer.

References

14.7.7 Malware Removal Best Practice

14.7.8 Malware Removal Best Practice Facts
q_malware_removal_save_backup_external_drive_pp7.question.fex

Copyright © The Computing Technology Industry Association, Inc. All rights reserved.

https://labsimapp.testout.com/v6_0_611/exam-engine.html/3b363122-8ae1-43a0-838d-9e1bb3046441/exam-session/437367/c3fbb88d-3957-480a-… 11/11