29 Jan Practice Test Question-Malicious Code
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
A contractor for the German company Siemens recently pled guilty to an attack where he altered software he sold to Siemens so that it would periodically break, requiring the company to hire him to fix it. What term best describes this type of attack?
A. Logic Bomb
D. Trojan Horse
Correct Answer: A
This is an example of a logic bomb, a piece of malicious software that is configured to trigger its payload when some future conditions are met. In this case, the attacker programmed the software to wait until a certain time and then disable itself. A remote access trojan, or RAT, is malware that allows the attacker to access the infected system. There’s no discussion of that happening in this situation. In fact, there’s no indication that any malware was used in the attack, which tells us that the attack wasn’t a regular Trojan horse or a worm either.