GIAC Exam GCED Topic 2 Question 52 Discussion

Actual exam question for GIAC's GCED exam

Question #: 52
Topic #: 2

[All GCED Questions]

Which of the following is a major problem that attackers often encounter when attempting to develop or use a kernel mode rootkit?

ATheir effectiveness depends on the specific applications used on the target system.

BThey tend to corrupt the kernel of the target system, causing it to crash.

CThey are unstable and are easy to identify after installation

DThey are highly dependent on the target OS.

Show Suggested Answer

Suggested Answer: C

Recent versions of IOS have less services enabled by default, older versions vary but generally have more services (even those not needed) enabled by default; this increases the attack surface on the device.

by Valentin at Sep 16, 2024, 06:53 PM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Stephaine

2 days ago

But don't you think that attackers also struggle with the fact that rootkits can be unstable and easy to identify after installation?

upvoted 0 times

...

Willie

5 days ago

I agree with Stefany. If the target OS changes, the rootkit may not work properly.

upvoted 0 times

...

Stefany

7 days ago

I think the major problem attackers face is that kernel mode rootkits are highly dependent on the target OS.

upvoted 0 times

...