220-1002 Question #39: Real Exam Question with Answer & Explanation

The correct answer is A: Rootkit. A rootkit is malware that embeds itself deep in the OS, typically gaining privileged (root-level) access and spawning hidden or disguised background processes that are difficult to detect through normal means. It can be delivered bundled with a downloaded application. The hallmar

Question

A technician is working on a user's workstation and notices a lot of unknown processes running in the background. The user informs the technician that an application was recently downloaded from the Internet. Which of the following types of infection does the user MOST likely have?

Options

ARootkit
BKeylogger
CTrojan
DRansomware

Explanation

A rootkit is malware that embeds itself deep in the OS, typically gaining privileged (root-level) access and spawning hidden or disguised background processes that are difficult to detect through normal means. It can be delivered bundled with a downloaded application. The hallmark symptom is unexpected, unknown processes running with elevated privileges. A keylogger (B) records keystrokes but doesn't typically cause multiple visible unknown processes. A Trojan (C) delivers malicious payloads but is more broadly categorized; once running, the payload is often a rootkit or similar. Ransomware (D) would immediately begin encrypting files and displaying a ransom demand.

Community Discussion

No community discussion yet for this question.

Full 220-1002 Practice