CompTIA Security+ (SY0-501) — Question 115

A technician suspects that a system has been compromised. The technician reviews the following log entry:
WARNING- hash mismatch: C:\Window\SysWOW64\user32.dll
WARNING- hash mismatch: C:\Window\SysWOW64\kernel32.dll
Based solely ono the above information, which of the following types of malware is MOST likely installed on the system?

Answer options

• A. Rootkit
• B. Ransomware
• C. Trojan
• D. Backdoor

Correct answer: A

Explanation

A rootkit is designed to hide its presence and can alter system files, causing hash mismatches. The other options, such as ransomware and Trojans, typically do not focus on stealthily altering existing system files in the same way a rootkit does. A backdoor may allow unauthorized access but does not necessarily cause hash mismatches like a rootkit would.