nerdexam
GIAC

GSLC · Question #26

GSLC Question #26: Real Exam Question with Answer & Explanation

The correct answer is B. Logic Bomb. A logic bomb is malicious code that remains dormant until a specific condition or trigger is met, such as reaching a defined counter value like 1 million visits.

Question

Your Web server crashes at exactly the point where it reaches 1 million total visits. You discover the cause of the server crash is malicious code. Which description best fits this code?

Options

  • AWorm
  • BLogic Bomb
  • CPolymorphic Virus
  • DVirus

Explanation

A logic bomb is malicious code that remains dormant until a specific condition or trigger is met, such as reaching a defined counter value like 1 million visits.

Common mistakes.

  • A. A worm is self-replicating malware that spreads across networks independently; it does not trigger based on a specific condition like a counter.
  • C. A polymorphic virus mutates its own code to evade detection and spreads by attaching to files, which does not describe condition-based triggering.
  • D. A virus attaches to legitimate programs and replicates when the host is executed, but does not specifically activate based on a predefined threshold condition.

Concept tested. Logic bomb malware trigger mechanism

Reference. https://www.cisa.gov/uscert/ncas/tips/ST18-271

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GSLC Practice
Your Web server crashes at exactly the point where it reaches 1... | GSLC Q#26 Answer | NerdExam