A malicious code that changes itself with each file it
infects is called a:
A. logic bomb.
B. stealth virus.
C. trojan horse.
D. polymorphic virus.
- 3 Answers
- 11240 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: D
A polymorphic virus has the capability of changing its own
code, enabling it to have many different variants. Since
they have no consistent binary pattern, such viruses are
hard to identify. A logic bomb is code that is hidden in a
program or system which will cause something to happen when
the user performs a certain action or when certain
conditions are met. A logic bomb, which can be downloaded
along with a corrupted shareware or freeware program, may
destroy data, violate system security, or erase the hard
drive. A stealth virus is a virus that hides itself by
intercepting disk access requests. When an antivirus program
tries to read files or boot sectors to find the virus, the
stealth virus feeds the antivirus program a clean image of
the file or boot sector. A trojan horse is a virus program
that appears to be useful and harmless but which has harmful
side effects such as destroying data or breaking the
security of the system on which it is run.
| Is This Answer Correct ? | 7 Yes | 1 No |
The difference between a vulnerability assessment and a penetration test is that a vulnerability assessment: A. searches and checks the infrastructure to detect vulnerabilities, whereas penetration testing intends to exploit the vulnerabilities to probe the damage that could result from the vulnerabilities. B. and penetration tests are different names for the same activity. C. is executed by automated tools, whereas penetration testing is a totally manual process. D. is executed by commercial tools, whereas penetration testing is executed by public processes.
In which of the following phases of the system development life cycle (SDLC) is it the MOST important for the IS auditor to participate? A. Design B. Testing C. Programming D. Implementation
A critical function of a firewall is to act as a: A. special router that connects the Internet to a LAN. B. device for preventing authorized users from accessing the LAN. C. server used to connect authorized users to private trusted network resources. D. proxy server to increase the speed of access to authorized users.
The rate of change of technology increases the importance of: A. outsourcing the IS function. B. implementing and enforcing good processes. C. hiring personnel willing to make a career within the organization. D. meeting user requirements.
An IS auditor is reviewing the risk management process. Which of the following is the MOST important consideration during this review? A. Controls are implemented based on cost-benefit analysis. B. The risk management framework is based on global standards. C. The approval process for risk response is in place. D. IT risk is presented in business terms.
Which of the following provides a mechanism for coding and compiling programs interactively? A. Firmware B. Utility programs C. Online programming facilities D. Network management software
Change control procedures to prevent scope creep during an application development project should be defined during: A. design. B. feasibility. C. implementation. D. requirements definition.
The most likely error to occur when implementing a firewall is: A. incorrectly configuring the access lists. B. compromising the passwords due to social engineering. C. connecting a modem to the computers in the network. D. inadequately protecting the network and server from virus attacks.
When planning an audit of a network set up, the IS auditor should give highest priority to obtaining which of the following network documentation? A. Wiring and schematic diagram B. Users list and responsibilities C. Applications list and their details D. Backup and recovery procedures
As a result of a business process reengineering (BPR) project: A. an IS auditor would be concerned with the key controls that existed in the prior business process and not those in the new process. B. system processes are automated in such a way that there are more manual interventions and manual controls. C. the newly designed business processes usually do not involve changes in the way(s) of doing business. D. advantages usually are realized when the reengineering process appropriately suits the business and risk.
An IS auditor doing penetration testing during an audit of Internet connections would: A. evaluate configurations. B. examine security settings. C. ensure virus-scanning software is in use. D. use tools and techniques that are available to a hacker.
The MOST appropriate person to chair the steering committee for a system development project with significant impact on a business area would be the: A. business analyst. B. chief information officer. C. project manager. D. executive level manager.
Cisco Certifications 
