Which category describes systems that are currently running malware?

Prepare for the SANS Advanced Incident Response exam. Boost your skills with flashcards and multiple-choice questions, featuring hints and explanations. Ace your exam faster!

Multiple Choice

Which category describes systems that are currently running malware?

Explanation:
The key idea is distinguishing by whether the malware is actively executing on a host. When malware is currently running, the system is described as having active malware. Dormant malware is present but not executing, and Living off the Land refers to attackers using legitimate tools rather than indicating the malware’s running state. Isolated systems describe containment status and can be either clean or infected, but isolation doesn’t imply malware is actively running. So the description for systems where malware is actually running is the one with active malware.

