Total No. of Questions: 8
Total No. of Printed Pages: 2
Roll No .....................................
MTCF-301(C)
M.E./M.Tech., III Semester
Examination, November 2023
Malware Analysis and Reverse Engineering
(Elective-I)
Time: Three Hours
Maximum Marks: 70
Note: i) Attempt any five questions.
ii) All questions carry equal marks.
1. a) Briefly elaborate on the fundamentals of Malware analysis.
   b) Discuss the various methodologies used in Reverse Engineering Malware.
2. a) What are the biggest sources of Malware? How would you identify threats within software/programs?
   b) What do you understand by Malware lab integrity? How can one capture and analyse the network traffic?
3. a) What are DNS Hostname Resolution and Reverse IP search? Which type of network security issue is resolved through this type of forensics?
   b) Briefly elaborate on the WinDbg Commands and Controls.
4. a) Explain in detail:
      - MA Sandbox
      - Memory Forensics.
   b) What are Malware Debugging and Kernel Debugging? Differentiate between them. How can one configure a JIT Debugger for Shellcode Analysis?
5. a) List the Windows APIs used for registry discovery. How do we perform registry forensics using RegRipper Plug-ins?
   b) How do malware analysis tools work? Explain one available tool with an example.
6. a) Discuss the functionalities of the YARA tool used for malware analysis.
   b) What is dynamic analysis? Elaborate on Process Monitor, Regshot and HandleDiff.
7. a) Discuss the threats posed by Malware to society, with proper examples.
   b) Elaborate on the process of researching and mapping the source Domains/IPs.
8. a) Write short notes on:
      - Deep Freeze process
      - Code Injection and Extraction process.
   b) What is memory dumping? Explain with an example how it can be performed using any one of the available toolkits.