Cyber Security Assessment Questions and Answers on “Attack Vectors – Reverse Engineering”.
1. ________________ is a type of reverse engineering tool that is used to dissect binary codes into assembly codes.
a) PE & Resource Viewer
b) Debugger
c) Disassembler
d) Hex Editor
Answer: c
Clarification: Disassembler is a type of reverse engineering tool that is used to dissect binary codes into assembly codes. They are also in use to extract functions, strings, libraries, and other parts of a program.
2. Which of the following is not a function or use of disassembler?
a) Extracting functions & libraries
b) Extracting strings and values
c) Assemble medium-level codes
d) Dissect binary codes
Answer: c
Clarification: Assembling of medium-level codes is not the use of disassembler. The disassembler is a type of reverse engineering tool that is used to dissect binary codes into assembly codes.
3. Which of the following is not a feature of IDAPro?
a) Instant debugging
b) Connect local and remote systems easily
c) Explore in-depth binary data
d) Convert machine language to high-level code
Answer: d
Clarification: IDAPro is used as a disassembler in manual binary code analysis and also used as debugger which is used for instant debugging, connect local and remote systems easily and explore in-depth binary data.
4. A _____________ takes executable file as input and tries to generate high level code.
a) Debugger
b) Decompiler
c) Disassembler
d) Hex Editor
Answer: b
Clarification: A decompiler takes an executable file as input and tries to generate high-level code. They can be said as opposite of compiler. It does not attempt to reverse the actions of the compiler; rather it transforms the input program repeatedly until HLL code is achieved.
5. ________________ does not attempt to reverse the actions of compiler; rather it transforms the input program repeatedly until HLL code is achieved.
a) Debugger
b) Hex Editor
c) Disassembler
d) Decompiler
Answer: d
Clarification: Usually, decompiler is feed with executable files and it tries to produce high-level code. They can be said as opposite of compiler. It does not attempt to reverse the actions of a compiler; rather it transforms the input program repeatedly until HLL code is achieved.
6. _____________ will not recreate the original source file created by the compiler.
a) Debugger
b) Hex Editor
c) Decompiler
d) Disassembler
Answer: c
Clarification: Decompilers does not attempt to reverse the actions of a compiler; rather it transforms the input program repeatedly until HLL code is achieved. They will not recreate the original source file created by the compiler.
7. Which of the following is not a decompiler tool?
a) DCC decompiler
b) Borol and C
c) Boomerang Decompiler
d) ExeToC
Answer: b
Clarification: Decompilers are part of Reverse Engineering tools that try to generate high-level code. Some common decompiler tools are DCC decompiler, Boomerang Decompiler, ExeToC, REC (reverse engineering compiler) etc.
8. REC stands for ________________
a) Reverse Engineering Compiler
b) Reverse Engineering Computer
c) Return-to-Code Engineering Compiler
d) Reversing Engineered Compiler
Answer: a
Clarification: Reverse Engineering Compiler (REC) is a decompiler tool that is part of Reverse Engineering tools which takes an executable file as input and tries to generate high-level code.
9. _______________ is a universal interactive program environment for reverse engineering.
a) TurboC
b) Andromeda Decompiler
c) IDAPro
d) PE Explorer
Answer: b
Clarification: Andromeda Decompiler is a universal interactive program environment for reverse engineering. It is a popular interactive decompiler that tries to generate high-level code.
10. Which one is not an example of .Net application decompiler?
a) Salamander
b) Dis#
c) Decompiler.Net
d) MultiRipper
Answer: d
Clarification: Decompilers are part of Reverse Engineering tools that take an executable file as input and tries to generate high-level code. MultiRipper is a Delphi and C++ decompiler. Salamander, Dis#, Anakrino & Decompiler.Net are .NET application decompilers.