CompTIA
CAS-002 · Question #345
CAS-002 Question #345: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-002 to reveal the answer and full explanation for question #345. The question stem and answer options stay visible for context.
Question
A security administrator is investigating the compromise of a software distribution website. Forensic analysis shows that several popular files are infected with malicious code. However, comparing a hash of the infected files with the original, non-infected files which were restored from backup, shows that the hash is the same. Which of the following explains this?
Options
- AThe infected files were using obfuscation techniques to evade detection by antivirus software.
- BThe infected files were specially crafted to exploit a collision in the hash function.
- CThe infected files were using heuristic techniques to evade detection by antivirus software.
- DThe infected files were specially crafted to exploit diffusion in the hash function.
Unlock CAS-002 to see the answer
You've previewed enough free CAS-002 questions. Unlock CAS-002 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.