220-802 Question #934: Real Exam Question with Answer & Explanation

The correct answer is D: Rootkit.

Question

Which of the following is typically the MOST difficult security threat to remove?

Options

  • A. Spyware
  • B. Virus
  • C. Trojan
  • D. Rootkit

Explanation

Rootkits are the most difficult to remove because they operate at the kernel level of the operating system, or in the firmware beneath it, which grants them deep, privileged access to system resources. A rootkit can intercept and modify OS calls; hide its own files, processes, and registry entries; and even cloak other malware. Because the rootkit subverts the OS itself, standard antivirus tools running within that OS may be unable to detect or remove it, since the rootkit can filter what those tools are allowed to see. Removal therefore typically requires booting from an external, trusted medium so the infected OS is not in control while the scan and cleanup run. Spyware, viruses, and Trojans, while damaging, generally operate at higher OS levels (as ordinary user-mode programs) and are more susceptible to traditional removal tools.
