Interested to Buy Any Domain ? << Click Here >> for more details...
A malicious code that changes itself with each file it
infects is called a:
A. logic bomb.
B. stealth virus.
C. trojan horse.
D. polymorphic virus.
- 3 Answers
- 14271 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: D
A polymorphic virus has the capability of changing its own
code, enabling it to have many different variants. Since
they have no consistent binary pattern, such viruses are
hard to identify. A logic bomb is code that is hidden in a
program or system which will cause something to happen when
the user performs a certain action or when certain
conditions are met. A logic bomb, which can be downloaded
along with a corrupted shareware or freeware program, may
destroy data, violate system security, or erase the hard
drive. A stealth virus is a virus that hides itself by
intercepting disk access requests. When an antivirus program
tries to read files or boot sectors to find the virus, the
stealth virus feeds the antivirus program a clean image of
the file or boot sector. A trojan horse is a virus program
that appears to be useful and harmless but which has harmful
side effects such as destroying data or breaking the
security of the system on which it is run.
| Is This Answer Correct ? | 8 Yes | 1 No |
Which of the following audit procedures would an IS auditor normally perform FIRST when reviewing an organization's systems development methodology? A. Determine procedural adequacy. B. Analyze procedural effectiveness. C. Evaluate level of compliance with procedures. D. Compare established standards to observed procedures.
The success of control self-assessment (CSA) depends highly on: A. Having line managers assume a portion of the responsibility for control monitoring. B. Assigning staff managers the responsibility for building, but not monitoring, controls. C. The implementation of stringent control policy and rule- driven controls. D. The implementation of supervision and the monitoring of control assigned duties
In a system development project the purpose of the program and procedure development phase is to: A. prepare, test and document all programs and manual procedures. B. document a business or system problem to a level at which management can select a solution. C. prepare a high-level design of a proposed system solution and present reasons for adopting a solution. D. expand the general design of an approved solution so that program and procedure writing can begin.
A critical function of a firewall is to act as a: A. special router that connects the Internet to a LAN. B. device for preventing authorized users from accessing the LAN. C. server used to connect authorized users to private trusted network resources. D. proxy server to increase the speed of access to authorized users.
Which of the following provides a mechanism for coding and compiling programs interactively? A. Firmware B. Utility programs C. Online programming facilities D. Network management software
Which of the following is a practice that should be incorporated into the plan for testing disaster recovery procedures? A. Invite client participation. B. Involve all technical staff. C. Rotate recovery managers. D. Install locally stored backup.
The MAJOR advantage of the risk assessment approach over the baseline approach to information security management is that it ensures: A. information assets are over protected. B. a basic level of protection is applied regardless of asset value. C. appropriate levels of protection are applied to information assets. D. an equal proportion of resources are devoted to protecting all information assets.
One of the purposes of library control software is to allow: A. programmers access to production source and object libraries. B. batch program updating. C. operators to update the control library with the production version before testing is completed. D. read-only access to source code.
To review access to ceratin data base to determine whether the "new user" forms were correctly authorized. This is an example of:
When planning an audit of a network set up, the IS auditor should give highest priority to obtaining which of the following network documentation? A. Wiring and schematic diagram B. Users list and responsibilities C. Applications list and their details D. Backup and recovery procedures
At the end of a simulation of an operational contingency test, the IS auditor performed a review of the recovery process. The IS auditor concluded that the recovery took more than the critical time frame allows. Which of the following actions should the auditor recommend? A. Widen the physical capacity to accomplish better mobility in a shorter time. B. Shorten the distance to reach the hot site. C. Perform an integral review of the recovery tasks. D. Increase the number of human resources involved in the recovery process.
Which of the following should be of MOST concern to an IS auditor? A. Lack of reporting of a successful attack on the network B. Failure to notify police of an attempted intrusion C. Lack of periodic examination of access rights D. Lack of notification to the public of an intrusion
Cisco Certifications 
