# CHFI2 Quiz 2

1. Which of the following malware distribution techniques involves the exploitation of flaws in browser software to install malware upon a simple visit to a web page?
   - [ ] Spear phishing sites
   - [X] Drive-by downloads
   - [ ] Mouse hovering
   - [ ] Blackhat SEO

2. Which of the following types of malware analysis is also referred to as code analysis that involves going through the executable binary code without its actual execution?
   - [ ] Behavioral analysis
   - [ ] Malware code execution
   - [X] Static malware analysis
   - [ ] Dynamic malware analysis

3. In which of the following methods do attackers often use packers to compress, encrypt, or modify a malware executable file to avoid detection?
   - [ ] Malware disassembly
   - [X] Obfuscation
   - [ ] Performing string search
   - [ ] File fingerprinting

4. Which of the following techniques involves monitoring IP addresses, looking for connected ports, and examining DNS entries?
   - [ ] System behavior analysis
   - [ ] Event logs examination
   - [X] Network behavior analysis
   - [ ] Monitoring registry artifacts

5. Which of the following event IDs stored in event logs indicates that a new process has been created on Windows?
   - [ ] 4657
   - [ ] 4660
   - [X] 4688
   - [ ] 4663