CERTIFIED-IN-CYBERSECURITY · Question #517
CERTIFIED-IN-CYBERSECURITY Question #517: Real Exam Question with Answer & Explanation
The correct answer is C: It encrypts the victim's data and demands payment to decrypt it. Ransomware is a type of malicious software that encrypts the victim's data and then demands a ransom, usually in the form of a cryptocurrency such as bitcoin, to restore access to the data (see ISC2 Study Guide, Chapter 4, Module 2). The attacker will provide a decryption key onc
Question
Which of the following statements is TRUE about ransomware?
Options
- AIt doesn't encrypt files, it deletes them
- BIt is a type of software that is installed with the user's permission
- CIt encrypts the victim's data and demands payment to decrypt it
- DIt only affects Windows computers
Explanation
Ransomware is a type of malicious software that encrypts the victim's data and then demands a ransom, usually in the form of a cryptocurrency such as bitcoin, to restore access to the data (see ISC2 Study Guide, Chapter 4, Module 2). The attacker will provide a decryption key once the ransom is paid, although there's no guarantee that they will do so. For example, the 2017 WannaCry ransomware attack encrypted data on infected systems and demanded a ransom payment in Bitcoin to decrypt the data. The attack affected hundreds of thousands of computers worldwide and caused significant disruption. The other options are wrong for distinct reasons. Ransomware does not only affect Windows computers; it can target any system, including Macs and Linux machines. While some types of ransomware may delete or threaten to delete files, the primary function of ransomware is to encrypt files, not delete them. Ransomware is usually not installed with the user's permission. It often tricks users into installing it through phishing emails or exploits vulnerabilities in software to install itself without user interaction.
Topics
Community Discussion
No community discussion yet for this question.