Which virus type modifies its code for each replication to avoid detection?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which virus type modifies its code for each replication to avoid detection?

Explanation:
Mutating code across replications to evade detection is the hallmark of polymorphic viruses. Each time a polymorphic virus infects a new file, it alters its own appearance—usually by encrypting the payload and swapping in a different decryption stub—so the exact byte sequence looks different even though the malicious action remains the same. This keeps signature-based defenses guessing, since there isn’t a single fixed pattern to match. The mutation engine is the mechanism that creates these variations, while the decryptor routine is the decoding step that changes with each new form. Macro viruses rely on embedded macros in documents and don’t inherently mutate in this way, and a decryptor routine alone is just a component, not a virus type. So the type of virus that modifies its code on every replication to avoid detection is the polymorphic virus.
