EC-Council
312-50V11 · Question #309
312-50V11 Question #309: Real Exam Question with Answer & Explanation
Sign in or unlock 312-50V11 to reveal the answer and full explanation for question #309. The question stem and answer options stay visible for context.
Malware Threats
Question
How can a rootkit bypass Windows 7 operating system's kernel mode, code signing policy?
Options
- ADefeating the scanner from detecting any code change at the kernel
- BReplacing patch system calls with its own version that hides the rootkit (attacker's) actions
- CPerforming common services for the application process and replacing real applications with fake
- DAttaching itself to the master boot record in a hard drive and changing the machine's boot
Unlock 312-50V11 to see the answer
You've previewed enough free 312-50V11 questions. Unlock 312-50V11 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#rootkit#kernel mode#code signing#master boot record