True or False :

1) Importing the Olelnitialize function indicates that the malware is using Component Object Models ( )

2) Each thread has one or more process ( )

3) The function" Wait or Single Object " indicate that malware uses Object models ( )

4)User applications usually call the ntdll library ( )

5) Hardware Breakpoints use the ECX and EDX Registers ( )

6) Understanding Rebasing is very important before using IDA Pro ( )

7) In virtualization Bridging mode lets VMs see each other and the Inter mode lets VMs see each other and the Internet, but puts a virtual router between the VM and the LAN

8) You have to unpack any malware before making dynamic analysis for it ( )

9) The stack can be accessed only using PUSH and POP ( )