CISSP · Question #121
Which of the following is the BEST way to determine if a particular system is able to identify malicious software without executing it?
The correct answer is B. Testing with an EICAR file. The best way to determine if a particular system is able to identify malicious software without executing it is to test it with an EICAR file. An EICAR file is a standard file that is used to test the functionality and performance of antivirus software, without using any real mal
Question
Options
- ATesting with a Botnet
- BTesting with an EICAR file
- CExecuting a binary shellcode
- DRun multiple antivirus programs
How the community answered
(37 responses)- A5% (2)
- B86% (32)
- C8% (3)
Explanation
The best way to determine if a particular system is able to identify malicious software without executing it is to test it with an EICAR file. An EICAR file is a standard file that is used to test the functionality and performance of antivirus software, without using any real malware. An EICAR file is a harmless text file that contains a specific string of characters that is recognized by most antivirus software as a virus signature. An EICAR file can be used to check if the antivirus software is installed, configured, updated, and working properly, without risking any damage or infection to the system. Testing with a botnet, executing a binary shellcode, and running multiple antivirus programs are not the best ways to determine if a particular system is able to identify malicious software without executing it, as they may involve using or creating actual malware, which can be dangerous, illegal, or unethical, and may compromise the security or performance
Topics
Community Discussion
No community discussion yet for this question.