Attackers often use scripts in which binaries or shellcode are obfuscated and encoded; these script-based attacks may be embedded in documents as email attachments. This is known as what?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Explanation:
Attackers leverage scripts to deliver and run malicious payloads by hiding binaries or shellcode inside encoded or obfuscated scripts, then embedding those scripts in documents sent as email attachments. The script executes within a trusted document environment (like a word processor or email viewer), decodes the payload at run time, and launches the code, often taking advantage of macros or scripting engines to bypass filters. This is a delivery and execution technique that centers on script-based mechanisms used to inject and run malicious content from within documents, rather than altering the memory of a running process or simply distributing a standalone malware file. The emphasis on encoding/obfuscation and document-embedded delivery differentiates it from memory code injection, which involves injecting code directly into a running process, and from generic file-based malware, which doesn’t inherently involve script-based execution embedded in documents. It also isn’t about legitimate applications, which would be benign.
