CISA Certified Information Systems Auditor – Question 1873

What would be the major purpose of a rootkit?

A. to hide evidence from system administrators.
B. to encrypt files for system administrators.
C. to corrupt files for system administrators.
D. to hijack system sessions.
E. None of the choices.

Correct Answer: A

Explanation:

The term rootkit originally described recompiled Unix tools that would hide any trace of the intruder.
You can say that the only purpose of a rootkit is to hide evidence from system administrators so that there is no way to detect malicious special-privilege access attempts.