GCIH · Question #450
View the following screen capture. Which of the following security mechanisms detected downloader.exe as a possible threat?
The correct answer is B. System-level protection. System-level protection refers to host-based security controls that operate at the operating system layer, most commonly endpoint protection platforms (EPP) or antivirus/anti-malware software such as Windows Defender. These tools monitor file system activity, process execution, a
Question
View the following screen capture. Which of the following security mechanisms detected downloader.exe as a possible threat?
Exhibit
Options
- AHost perimeter detection
- BSystem-level protection
- CApplication-level detection
- DNetwork perimeter detection
How the community answered
(26 responses)- A12% (3)
- B81% (21)
- C4% (1)
- D4% (1)
Explanation
System-level protection refers to host-based security controls that operate at the operating system layer, most commonly endpoint protection platforms (EPP) or antivirus/anti-malware software such as Windows Defender. These tools monitor file system activity, process execution, and memory at the OS level - making them well-positioned to flag a suspicious executable like downloader.exe before or during execution. Network perimeter detection (Option D) would catch threats at the network boundary (e.g., a firewall or IDS/IPS inspecting traffic), not a local executable on a host. Host perimeter detection (Option A) typically refers to host-based firewalls that inspect inbound/outbound connections, not file-level threat detection. Application-level detection (Option C) would be security logic embedded within a specific application. Since the screen capture shows a local file (downloader.exe) being flagged, the source is the system-level endpoint protection agent running on that host.
Topics
Community Discussion
No community discussion yet for this question.
