nerdexam
(ISC)2

CISSP · Question #121

Which of the following is the BEST way to determine if a particular system is able to identify malicious software without executing it?

The correct answer is B. Testing with an EICAR file. The best way to determine if a particular system is able to identify malicious software without executing it is to test it with an EICAR file. An EICAR file is a standard file that is used to test the functionality and performance of antivirus software, without using any real mal

Submitted by emma.c· Mar 5, 2026Security Assessment and Testing

Question

Which of the following is the BEST way to determine if a particular system is able to identify malicious software without executing it?

Options

  • ATesting with a Botnet
  • BTesting with an EICAR file
  • CExecuting a binary shellcode
  • DRun multiple antivirus programs

How the community answered

(37 responses)
  • A
    5% (2)
  • B
    86% (32)
  • C
    8% (3)

Explanation

The best way to determine if a particular system is able to identify malicious software without executing it is to test it with an EICAR file. An EICAR file is a standard file that is used to test the functionality and performance of antivirus software, without using any real malware. An EICAR file is a harmless text file that contains a specific string of characters that is recognized by most antivirus software as a virus signature. An EICAR file can be used to check if the antivirus software is installed, configured, updated, and working properly, without risking any damage or infection to the system. Testing with a botnet, executing a binary shellcode, and running multiple antivirus programs are not the best ways to determine if a particular system is able to identify malicious software without executing it, as they may involve using or creating actual malware, which can be dangerous, illegal, or unethical, and may compromise the security or performance

Topics

#malware detection#antivirus testing#EICAR

Community Discussion

No community discussion yet for this question.

Full CISSP Practice