PrepAway - Latest Free Exam Questions & Answers

Which of the following is this an example of?

Ann, a software developer, has installed some code to reactivate her account one week after her account
has been disabled. Which of the following is this an example of? (Select TWO).

PrepAway - Latest Free Exam Questions & Answers

A.
Rootkit

B.
Logic Bomb

C.
Botnet

D.
Backdoor

E.
Spyware

Explanation:
This is an example of both a logic bomb and a backdoor. The logic bomb is configured to ‘go off’ or
activate one week after her account has been disabled. The reactivated account will provide a backdoor
into the system.
A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious
function when specified conditions are met. For example, a programmer may hide a piece of code that
starts deleting files should they ever be terminated from the company.
Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute
a certain payload at a pre-defined time or when some other condition is met. This technique can be used
by a virus or worm to gain momentum and spread before being noticed. Some viruses attack their host
systems on specific dates, such as Friday the 13th or April Fool’s Day. Trojans that activate on certain
dates are often called “time bombs”.
To be considered a logic bomb, the payload should be unwanted and unknown to the user of the
software. As an example, trial programs with code that disables certain functionality after a set time are
not normally regarded as logic bombs.
A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal
authentication, securing unauthorized remote access to a computer, obtaining access to plaintext, and so
on, while attempting to remain undetected. The backdoor may take the form of an installed program
(e.g., Back Orifice) or may subvert the system through a rootkit.
A backdoor in a login system might take the form of a hard coded user and password combination which
gives access to the system.Incorrect Answers:
A: A rootkit is a collection of tools (programs) that enable administrator-level access to a computer or
computer network. Typically, a cracker installs a rootkit on a computer after first obtaining user-level
access, either by exploiting a known vulnerability or cracking a password. Once the rootkit is installed, it
allows the attacker to mask intrusion and gain root or privileged access to the computer and, possibly,
other machines on the network. In this question, a program hasn’t been installed. Therefore, a rootkit is
not what is described in the question so this answer is incorrect.
C: A botnet is a collection of Internet-connected programs communicating with other similar programs in
order to perform tasks. This can be as mundane as keeping control of an Internet Relay Chat (IRC)
channel, or it could be used to send spam email or participate in distributed denial-of-service attacks. The
word botnet is a combination of the words robot and network. The term is usually used with a negative or
malicious connotation.
Computers can be co-opted into a botnet when they execute malicious software. This can be
accomplished by luring users into making a drive-by download, exploiting web browser vulnerabilities, or
by tricking the user into running a Trojan horse program, which may come from an email attachment.
This malware will typically install modules that allow the computer to be commanded and controlled by
the botnet’s operator. Many computer users are unaware that their computer is infected with bots.
Depending on how it is written, a Trojan may then delete itself, or may remain present to update and
maintain the modules. In this question, no software has been installed. Therefore, a botnet is not what is
described in the question so this answer is incorrect.
E: Spyware is software that aids in gathering information about a person or organization without their
knowledge and that may send such information to another entity without the consumer’s consent, or
that asserts control over a computer without the consumer’s knowledge.
“Spyware” is mostly classified into four types: system monitors, trojans, adware, and tracking cookies.
Spyware is mostly used for the purposes of tracking and storing Internet users’ movements on the Web
and serving up pop-up ads to Internet users.
Whenever spyware is used for malicious purposes, its presence is typically hidden from the user and can
be difficult to detect. Some spyware, such as keyloggers, may be installed by the owner of a shared,
corporate, or public computer intentionally in order to monitor users. In this question, no software has
been installed. Therefore, spyware is not what is described in the question so this answer is incorrect.
http://en.wikipedia.org/wiki/Logic_bomb
http://en.wikipedia.org/wiki/Botnet
http://www.webopedia.com/TERM/V/virus.html
http://en.wikipedia.org/wiki/Backdoor_%28computing%29
http://searchmidmarketsecurity.techtarget.com/definition/rootkit


Leave a Reply