CompTIA
CAS-001 · Question #427
CAS-001 Question #427: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-001 to reveal the answer and full explanation for question #427. The question stem and answer options stay visible for context.
Question
A security administrator is investigating the compromise of a software distribution website. Forensic analysis shows that several popular files are infected with malicious code. However,comparing a hash of the infected files with the original, non-infected files which were restored from backup, shows that the hash is the same. Which of the following explains this?
Options
- AThe infected files were using obfuscation techniques to evade detection by antivirus software.
- BThe infected files were specially crafted to exploit a collision in the hash function.
- CThe infected files were using heuristic techniques to evade detection by antivirus software.
- DThe infected files were specially crafted to exploit diffusion in the hash function.
Unlock CAS-001 to see the answer
You've previewed enough free CAS-001 questions. Unlock CAS-001 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.