Define malware and list its common types. [3 marks]
Compare worms and trojans with examples. [4 marks]
Evaluate the evolution of malware and discuss how malware threats have adapted over time. [7 marks]
Explain the concept of a logic bomb. [3 marks]
What is the difference between static and dynamic malware analysis? [4 marks]
Justify the importance of understanding OS security concepts for malware analysis. [7 marks]
Create a step-by-step guide for performing static analysis on an unknown executable. [7 marks]
Describe any two anti-static analysis techniques. [3 marks]
Explain the structure of a virtual machine used in malware analysis. [4 marks]
What are the common malware threats that exist today? Give a short description of each. [7 marks]
Define obfuscation and explain its role in malware. [3 marks]
Explain how anti-static analysis techniques like packing and obfuscation hinder analysis. [4 marks]
What are C code constructs commonly found in disassembled malware? [7 marks]
Define breakpoints and their role in OllyDbg. [3 marks]
Describe how Wireshark can be used in analyzing network activity of malware. [4 marks]
Define file-less malware and explain its execution mechanism. [2 marks]
What are system calls and why are they important in dynamic analysis? [3 marks]
How can debuggers be used to unpack malware from memory? [4 marks]
Explain the use of memory forensics in identifying and analyzing advanced malware. [7 marks]
Define metamorphic malware. [3 marks]
Compare signature-based and non-signature-based detection methods. [4 marks]
What is app sandboxing and how does it protect Android systems? [7 marks]
What is code injection? [3 marks]
Analyze the behavior of DroidKungFu malware. [4 marks]
Explain smartphone app permissions and how misuse leads to malware infections. [2 marks]