During a routine security audit, a technician discovers that a user's workstation has a program that records keystrokes and periodically sends the data to an external server. The user denies installing any software recently. Which type of malware is this?
Trap 1: Trojan horse
A Trojan disguises itself as legitimate software but does not necessarily record keystrokes; it may give remote access.
Trap 2: Worm
A worm self-replicates across networks, but it does not typically record keystrokes or send data to a server.
Trap 3: Ransomware
Ransomware encrypts files and demands payment; it does not record keystrokes or exfiltrate data.
- A
Trojan horse
Why wrong: A Trojan disguises itself as legitimate software but does not necessarily record keystrokes; it may give remote access.
- B
Worm
Why wrong: A worm self-replicates across networks, but it does not typically record keystrokes or send data to a server.
- C
Keylogger
A keylogger specifically records keystrokes and sends them to an attacker, exactly as described.
- D
Ransomware
Why wrong: Ransomware encrypts files and demands payment; it does not record keystrokes or exfiltrate data.