Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 118

What are two rootkit types? (Choose two.)

Answer options

• A. registry
• B. buffer mode
• C. user mode
• D. bootloader
• E. virtual

Correct answer: C, D

Explanation

User mode rootkits operate at the application level, allowing them to manipulate processes and hide their presence from the operating system. Bootloader rootkits, on the other hand, are loaded during the boot process and can control the system before the operating system fully loads, making them particularly difficult to detect. The other options, such as registry, buffer mode, and virtual, do not represent recognized types of rootkits.