Which Trojan can bypass firewalls and operate in reverse, using web-based interfaces on port 80, spawning a child program at a predetermined time?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which Trojan can bypass firewalls and operate in reverse, using web-based interfaces on port 80, spawning a child program at a predetermined time?

Explanation:
Malware that hides its command-and-control by using reverse connections over common web ports is being tested. These Trojans initiate outbound connections from the infected host to the attacker, which helps them bypass firewalls that block unsolicited inbound access. They typically expose a web-based control interface reachable through port 80 (and often 443) so the attacker can issue commands via a browser, blending in with normal web traffic. The ability to spawn a child program at a predetermined time is a common technique for persistence and staged payloads, allowing the attacker to deploy additional functionality or payloads on a schedule while maintaining control. This combination of reverse HTTP(S) C2, a web-based UI on port 80, and timed spawning fits the HTTP/HTTPS Trojan class. Other options describe related tools or different mechanisms (a RAT using HTTP for C2, a standalone web server, or a banking-focused Trojan) that don’t align as closely with all these traits.

Malware that hides its command-and-control by using reverse connections over common web ports is being tested. These Trojans initiate outbound connections from the infected host to the attacker, which helps them bypass firewalls that block unsolicited inbound access. They typically expose a web-based control interface reachable through port 80 (and often 443) so the attacker can issue commands via a browser, blending in with normal web traffic. The ability to spawn a child program at a predetermined time is a common technique for persistence and staged payloads, allowing the attacker to deploy additional functionality or payloads on a schedule while maintaining control. This combination of reverse HTTP(S) C2, a web-based UI on port 80, and timed spawning fits the HTTP/HTTPS Trojan class. Other options describe related tools or different mechanisms (a RAT using HTTP for C2, a standalone web server, or a banking-focused Trojan) that don’t align as closely with all these traits.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy