SY0-501 · Question #515
SY0-501 Question #515: Real Exam Question with Answer & Explanation
The correct answer is A: Ransomware. Ann's workstation files are missing, and an unknown party is demanding funds for their restoration, which are classic indicators of a ransomware attack.
Question
Ann, a customer, is reporting that several important files are missing from her workstation. She recently received communication from an unknown party who is requesting funds to restore the files. Which of the following attacks has occurred?
Options
- ARansomware
- BKeylogger
- CBuffer overflow
- DRootkit
Explanation
Ann's workstation files are missing, and an unknown party is demanding funds for their restoration, which are classic indicators of a ransomware attack.
Common mistakes.
- B. A keylogger is designed to record keystrokes made on a keyboard, not to encrypt files or demand a ransom for their restoration.
- C. A buffer overflow is a type of software vulnerability where a program attempts to write data beyond the boundaries of a fixed-size buffer, often leading to system crashes or arbitrary code execution, but not directly to file encryption for ransom.
- D. A rootkit is a collection of software tools designed to enable persistent, surreptitious access to a computer while actively hiding its presence and that of other malware, rather than directly encrypting user files and demanding payment.
Concept tested. Identifying ransomware attack characteristics
Reference. https://learn.microsoft.com/en-us/windows/security/threat-protection/malware-encyclopedia/ransomware
Community Discussion
No community discussion yet for this question.