Which of the following activities is MOST likely to increase the difficulty of totally eradicating
malicious code that is not immediately detected?
A.
Applying patches
B.
Changing access rules
C.
Upgrading hardware
D.
Backing up files
Explanation:
If malicious code is not immediately detected, it will most likely be backed up as a part of the
normal tape backup process. When later discovered, the code may be eradicated from the device
but still remain undetected ON a backup tape. Any subsequent restores using that tape may
reintroduce the malicious code. Applying patches, changing access rules and upgrading hardware
does not significantly increase the level of difficulty.