1 vote
Which of the following techniques might be used to automatically detect and block malicious software that does not match known malware signatures?

A. MAC
B. Hashing
C. Decompiling
D. Sandboxing

by User NemesisMF (7.6k points)

2 Answers

3 votes

Final answer:

Sandboxing is a technique used to detect and block malicious software that does not match known malware signatures by monitoring program behavior in an isolated environment.

Step-by-step explanation:

To automatically detect and block malicious software that does not match known malware signatures, the technique that might be used is D. Sandboxing. Sandboxing involves running a program in an isolated environment to monitor its behavior without risking the system's security. Unlike signature-based detection, which relies on known patterns, sandboxing allows analysts to observe the behavior of potentially harmful software and block it if it acts in a suspicious manner, such as attempting to modify system files or install unauthorized software.

Techniques like MAC (Mandatory Access Control), Hashing, and Decompiling serve different purposes. MAC enforces security policies at a system level, Hashing allows integrity checking, and Decompiling translates binary code back into readable source code, none of which are primarily used for dynamic malware analysis and protection like sandboxing.

by User Martijn Welker (8.4k points)
4 votes

Final Answer:

To automatically detect and block malicious software that doesn't match known malware signatures, the technique commonly employed is Sandboxing.

Therefore, the correct answer is D. Sandboxing.

Step-by-step explanation:

Traditional antivirus solutions rely on known malware signatures, but they struggle to identify new, previously unseen threats. Sandboxing, on the other hand, is a proactive approach to threat detection. It involves executing potentially malicious code in a controlled environment (the "sandbox") to observe its behavior without risking harm to the actual system.

By isolating and analyzing the behavior of the software in a sandbox, security systems can detect suspicious activities indicative of malware, even if the specific signatures are unknown. This proactive method is effective against zero-day attacks and new, sophisticated threats that may not have identifiable signatures.

Therefore, the correct answer is D. Sandboxing.

by User Adam Merrifield (8.4k points)
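The contrast both answers draw between hashing/signature matching and sandboxing, as an added example that is not part of either answer: a sample whose hash is in no signature set is still blocked once its recorded behavior is scored. The event format, rule names, weights, threshold and sample data are all constructed assumptions for illustration.

```python
import hashlib

# Constructed signature set: SHA-256 of samples already known to be malicious.
KNOWN_BAD = {hashlib.sha256(b"previously-catalogued-sample").hexdigest()}

PROTECTED = ("/etc/", "/usr/bin/", "/boot/")  # assumed "system file" locations

# Behaviour rules (hypothetical names and weights): rule -> (predicate, weight).
RULES = {
    "modifies_system_file": (
        lambda ev: ev["op"] == "file_write"
        and ev.get("path", "").startswith(PROTECTED), 3),
    "installs_software": (
        lambda ev: ev["op"] in ("service_create", "package_install"), 3),
}

def signature_match(sample: bytes) -> bool:
    """Signature-based check: only catches byte-identical known samples."""
    return hashlib.sha256(sample).hexdigest() in KNOWN_BAD

def sandbox_verdict(trace, threshold=5):
    """Score the events a sandbox recorded; each rule counts once per run."""
    hits = sorted(name for name, (pred, _) in RULES.items()
                  if any(pred(ev) for ev in trace))
    score = sum(RULES[name][1] for name in hits)
    return {"block": score >= threshold, "score": score, "hits": hits}

# Constructed inputs: an unseen sample and two event traces in an assumed format.
NEW_SAMPLE = b"never-seen-before-sample"
SUSPICIOUS_TRACE = [
    {"op": "file_read", "path": "/home/user/report.txt"},
    {"op": "file_write", "path": "/etc/hosts"},
    {"op": "service_create", "name": "updater"},
]
BENIGN_TRACE = [
    {"op": "file_write", "path": "/home/user/notes.txt"},
    {"op": "net_connect", "dest": "198.51.100.7:443"},
]

if __name__ == "__main__":
    print("signature match:", signature_match(NEW_SAMPLE))
    print("suspicious run:", sandbox_verdict(SUSPICIOUS_TRACE))
    print("benign run:", sandbox_verdict(BENIGN_TRACE))
```

A single rule firing scores below the threshold, so one write to a protected path on its own is recorded as a hit but does not block the sample.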