Which Trojan is a small HTTP server embedded inside any program and can be wrapped with a genuine program (e.g., game chess.exe)?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

Which Trojan is a small HTTP server embedded inside any program and can be wrapped with a genuine program (e.g., game chess.exe)?

Explanation:
The concept being tested is the idea of a very small HTTP server that can be embedded inside another program to provide a covert control interface. SHTTPD, short for Small HTTP Daemon, is exactly that: a lightweight HTTP server that can be bundled into a legitimate executable and run as part of it. This lets an attacker interact with the compromised system through HTTP requests, often using a browser to issue commands or fetch data, while the host program (like a game or other app) masks the server’s presence. This approach is why SHTTPD fits best: it’s designed to be embedded and wrapped inside another program, enabling a backdoor without drawing obvious attention. The other options describe different Trojan families or behavior (defacement focus, banking credential theft, or ICMP-based control) that don’t capture the idea of a tiny HTTP server embedded in a legitimate-looking executable.

The concept being tested is the idea of a very small HTTP server that can be embedded inside another program to provide a covert control interface. SHTTPD, short for Small HTTP Daemon, is exactly that: a lightweight HTTP server that can be bundled into a legitimate executable and run as part of it. This lets an attacker interact with the compromised system through HTTP requests, often using a browser to issue commands or fetch data, while the host program (like a game or other app) masks the server’s presence.

This approach is why SHTTPD fits best: it’s designed to be embedded and wrapped inside another program, enabling a backdoor without drawing obvious attention. The other options describe different Trojan families or behavior (defacement focus, banking credential theft, or ICMP-based control) that don’t capture the idea of a tiny HTTP server embedded in a legitimate-looking executable.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy