CompTIA Security+ (SY0-501) — Question 987

Joe, a user, reports to the help desk that he can no longer access any documents on his PC. He states that he saw a window appear on the screen earlier, but he closed it without reading it. Upon investigation, the technician sees high disk activity on Joe's PC. Which of the following types of malware is MOST likely indicated by these findings?

Answer options

• A. Keylogger
• B. Trojan
• C. Rootkit
• D. Crypto-malware

Correct answer: D

Explanation

Crypto-malware is designed to encrypt files on a user's system, which would explain Joe's inability to access documents. The high disk activity suggests that the encryption process is occurring in the background. The other options, such as keyloggers, trojans, and rootkits, do not typically result in the same kind of file access issues or high disk activity associated with encryption.