During a routine configuration audit, a systems administrator determines that a former employee placed an
executable on an application server. Once the system was isolated and diagnosed, it was determined that the
executable was programmed to establish a connection to a malicious command and control server. Which of
the following forms of malware is best described in the scenario?
A.
Logic bomb
B.
Rootkit
C.
Back door
D.
Ransomware
I think this should be C.
0
0
I’m not sure. Part of the definition of a rootkit:
A rootkit allows someone, either legitimate or malicious, to maintain command and control over a computer system, without the computer system user knowing about it. This means that the owner of the rootkit is capable of executing files and changing system configurations on the target machine, as well as accessing log files or monitoring activity to covertly spy on the user’s computer usage.
Sounds an awful lot like the question to me. I’d stick with rootkit.
0
0