During a routine configuration audit, a systems administrator determines that a former employee
placed an executable on an application server. Once the system was isolated and diagnosed, it
was determined that the executable was programmed to establish a connection to a malicious
command and control server. Which of the following forms of malware is best described in the
scenario?

A.
Logic bomb

B.
Rootkit

C.
Back door

D.
Ransomware