nerdexam
EC-Council

312-50V13 · Question #124

Which of the following is the primary objective of a rootkit?

The correct answer is C. It replaces legitimate programs. The primary objective of a rootkit is to replace legitimate system programs or modify operating system components to conceal its presence and activities.

Submitted by katya_ua· Mar 6, 2026Malware Threats

Question

Which of the following is the primary objective of a rootkit?

Options

  • AIt opens a port to provide an unauthorized service
  • BIt creates a buffer overflow
  • CIt replaces legitimate programs
  • DIt provides an undocumented opening in a program

How the community answered

(34 responses)
  • A
    3% (1)
  • B
    6% (2)
  • C
    88% (30)
  • D
    3% (1)

Why each option

The primary objective of a rootkit is to replace legitimate system programs or modify operating system components to conceal its presence and activities.

AIt opens a port to provide an unauthorized service

While a rootkit might open a port, this is a method or consequence of its presence, not its primary objective, which is concealment.

BIt creates a buffer overflow

Rootkits typically exploit vulnerabilities, but creating a buffer overflow is a specific exploit technique to gain initial access, not the rootkit's ongoing primary objective.

CIt replaces legitimate programsCorrect

Rootkits are designed to gain and maintain surreptitious access to a computer while hiding their presence from legitimate users and system administrators. They achieve this by modifying core operating system files, utilities, or kernel modules, replacing legitimate programs with malicious versions to obscure malicious processes, files, or network connections.

DIt provides an undocumented opening in a program

Providing an undocumented opening in a program is a description of a backdoor, which can be a component of a rootkit's functionality, but the rootkit's overarching goal is hiding.

Concept tested: Rootkit purpose and functionality

Source: https://learn.microsoft.com/en-us/security/compass/incident-response-playbook-malware#rootkit

Topics

#rootkit#malware#stealth techniques#system compromise

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice