ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-49 All Questions

View all questions & answers for the 312-49 exam
Go to Exam

Exam 312-49 topic 1 question 191 discussion

Actual exam question from ECCouncil's 312-49
Question #: 191
Topic #: 1
[All 312-49 Questions]

You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses. You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same. What type of virus is this that you are testing?

  • A. Polymorphic
  • B. Metamorphic
  • C. Oligomorhic
  • D. Transmorphic
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Ariel235788 at Jan. 1, 2022, 8:38 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
fhramke
1 year, 1 month ago
Selected Answer: B
Metamorphic malware is the one which translates and changes itself or you can say re-write it's code with each iteration so that it can be difficult for the anti-malware software to identify its signature or pattern. The longer the malware stays in a system, the more iteration it produces and the more sophisticated the iterations are, making it increasingly hard for antivirus applications to detect or diffuse it. Polymorphic malware works by encrypting itself with a variable encryption key since the keys used for encryption are different so each copy looks different. But the virus decryption routine would remain constant and because of this static part of code, it gets easy for an antivirus program to identify the malware.
upvoted 1 times
...
Ariel235788
1 year, 7 months ago
https://pediaa.com/difference-between-polymorphic-and-metamorphic-virus/ Just a bad question again. Both polymorphic and metamorphic rewrite their code to avoid detection. Poly encrypts itself being the only difference
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel