What is a rootkit and why is it so difficult to detect?

What will be an ideal response?


A rootkit is a virus that loads itself before the OS boot is complete. It can hide in boot managers, boot loader programs, or kernel-mode device drivers. UEFI Secure Boot is specifically designed to catch rootkits that launch during the boot. Because a rootkit is already loaded when most anti-malware software loads, it is sometimes overlooked by that software. A rootkit can hide folders that contain software it has installed, cause Task Manager to display a different name for its process, hide registry keys, and operate in user mode or kernel mode. This last trick helps it remain undetected.

Computer Science & Information Technology
