Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

GIAC GCIH Exam - Topic 5 Question 53 Discussion

Which of the following types of rootkits replaces regular application binaries with Trojan fakes and modifies the behavior of existing applications using hooks, patches, or injected code?
A) Application level rootkit
B) Hypervisor rootkit
C) Kernel level rootkit
D) Boot loader rootkit

GIAC GCIH Exam - Topic 5 Question 53 Discussion

Actual exam question for GIAC's GCIH exam
Question #: 53
Topic #: 5
[All GCIH Questions]

Which of the following types of rootkits replaces regular application binaries with Trojan fakes and modifies the behavior of existing applications using hooks, patches, or injected code?

Show Suggested Answer Hide Answer
Suggested Answer: A

Contribute your Thoughts:

0/2000 characters
Elvis
2 days ago
Really? I didn’t know application level rootkits could do that!
upvoted 0 times
...
Renea
7 days ago
I thought Boot loader rootkits were more common, but this makes sense.
upvoted 0 times
...
Becky
12 days ago
Wait, are we sure it’s not Kernel level? That one’s tricky!
upvoted 0 times
...
Jules
2 months ago
Totally agree, it’s all about those application binaries.
upvoted 0 times
...
Noble
2 months ago
A) Application level rootkit is the right answer!
upvoted 0 times
...
Honey
3 months ago
I’m leaning towards A as well, but I keep mixing up the definitions of the different types. I should have reviewed those examples more thoroughly.
upvoted 0 times
...
Yoko
3 months ago
I’m a bit confused between application level and kernel level rootkits. They both seem to modify behavior, but I feel like application level is more about the binaries.
upvoted 0 times
...
Ben
3 months ago
I remember practicing a question like this, and I think the answer was related to how the rootkit interacts with applications. Could it be A?
upvoted 0 times
...
Tracey
3 months ago
I think this might be the application level rootkit, but I'm not entirely sure. It sounds familiar from the study materials.
upvoted 0 times
...

Save Cancel