SY0-301 · Question #754
Which of the following malware types is MOST likely to execute its payload after Jane, an employee, has left the company?
The correct answer is B. Logic bomb. A logic bomb is malware that executes its payload only when a specific triggering condition is met, such as a date or the absence of a particular user account.
Question
Which of the following malware types is MOST likely to execute its payload after Jane, an employee, has left the company?
Options
- ARootkit
- BLogic bomb
- CWorm
- DBotnet
How the community answered
(34 responses)- A3% (1)
- B91% (31)
- C6% (2)
Why each option
A logic bomb is malware that executes its payload only when a specific triggering condition is met, such as a date or the absence of a particular user account.
A rootkit is designed to hide malware and maintain persistent privileged access to a system; it does not use conditional triggering logic tied to an employee's status.
A logic bomb is code that remains dormant and harmless until a predefined condition is satisfied - a classic scenario is an employee planting one to trigger after their account is removed or after a certain date following their departure. This makes it the ideal tool for disgruntled employees seeking delayed revenge, as the payload executes after they have left and established an alibi.
A worm self-replicates and spreads across networks autonomously; its execution is immediate and not contingent on external conditions like an employee's departure.
A botnet is a network of compromised machines controlled by a command-and-control server; it executes commands in near real time and is not designed around deferred conditional triggers.
Concept tested: Logic bomb conditional payload execution
Source: https://csrc.nist.gov/glossary/term/logic_bomb
Topics
Community Discussion
No community discussion yet for this question.