Which detection methodology is used by standard antivirus tools to flag known malware files by matching their unique file hash codes against a local index directory? MCQ with Answer and Explanation

A. Heuristic Analysis
B. Behavioral Monitoring
C. Signature-based Detection
D. Sandbox Isolation Monitoring
Answer: Option C
Solution (By JKExamLibrary)
Signature-based engines scan storage objects for byte patterns or static cryptographic hashes that match entries in databases of known malware.

This question belongs to: Computer Cyber Security

Practice More Cyber Security Questions

Question #1
What is the difference between a virus and a worm?
A. A worm requires user action to spread, while a virus does not
B. A virus is always more harmful than a worm
C. A virus requires a host program to spread, while a worm is self-contained
D. There is no difference

Correct Answer: Option C


Explanation:
A virus attaches itself to a host program or file to replicate, while a worm is a standalone program that replicates and spreads on its own.

Question #2
Which social engineering attack vector uses spoofed emails, misleading hyperlinks, and look-alike landing pages to trick corporate employees into surrendering their login credentials?
A. Phishing
B. Man-in-the-Middle
C. SQL Injection
D. DDoS Attack

Correct Answer: Option A


Explanation:
Phishing involves masquerading as a trustworthy entity via digital communications to manipulate victims into revealing passwords, financial records, or sensitive personal tokens.

Question #3
Which software utility uses cryptographic hashing to verify that a downloaded application patch has not been tampered with or modified by an intermediary threat actor?
A. Firewall Packet Filter
B. File Compression Engine
C. Integrity Checker / Hash Verifier
D. Sandbox Controller

Correct Answer: Option C


Explanation:
Integrity checkers calculate cryptographic hashes (like SHA-256) of files and compare them to known vendor reference values to verify that the file hasn't been modified.
