Certified Ethical Hacker (CEH v10) — Question 24

Chandler works as a pen tester at an IT firm in New York. As part of detecting viruses in the systems, he uses a detection method in which the anti-virus executes the malicious code on a virtual machine to simulate CPU and memory activities.
Which type of virus detection method did Chandler use in this context?

Answer options

Correct answer: B

Explanation

The correct answer is B, Code Emulation, as it involves executing potentially harmful code in a controlled environment to observe its behavior. Option A, Heuristic Analysis, uses rule-based methods to identify viruses without executing them, while option C, Integrity checking, focuses on verifying the integrity of files rather than simulating code execution. Option D, Scanning, typically involves searching for known signatures of malware rather than running the code.