Which virus type overwrites the directory entry pointer to direct disk reads to the virus code instead of the actual program?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which virus type overwrites the directory entry pointer to direct disk reads to the virus code instead of the actual program?

Explanation:
Stealth techniques in malware focus on hiding the virus from the system and the user by manipulating how data is presented or read. The scenario described—overwriting the directory entry pointer so that disk reads fetch the virus code instead of the real program—is a classic stealth tactic. By altering the pointer that the file system uses to locate a file’s data, the virus ensures that what’s read from disk appears to be the legitimate program, while the actual code of the virus sits somewhere else. This lets the virus stay hidden during normal activity and antivirus checks, because reads return the fake, non-infected content.

Macro viruses target documents and their macros, not the file system’s data pointers for executable code. Decryptor routines are used to decrypt the virus payload, aiding infection or evasion rather than hiding I/O from the system. General file viruses infect executable files or other targets but don’t necessarily rely on intercepting and redirecting directory entries to conceal themselves. Stealth viruses, by contrast, specifically aim to conceal the presence of the virus by manipulating how data is read from disk, such as redirecting reads to the virus code.
