My two cents. I like B. Signature based AV is all about detecting what's already been identified and used and...there's a signature to detect it. Just because you have a known threat, doesn't mean you have a signature for it. Good luck.
Another rule for CISM (and CISSP for that matter):
When you're presented with two fundamentally correct answers, go for a more comprehensive one (i.e. the one that includes the other).
Sincerely,
Cpt. Obvious :D
Although the answer B us attractive, it is very particular to virus whereas there are different types of malwares like worms, trojans etc which would make the option C more suitable that covers all type of known threats rather than just virus category alone.
C. known threats.
Signature-based anti-malware controls are designed to detect and block known threats. These controls use a database of signatures or patterns associated with known malware to identify and block malicious files or code. When a file or code matches a signature in the database, the anti-malware software can take appropriate action, such as quarantining or deleting the file.
Poorly configured firewall rules (A) and reused virus code (B) are not directly related to the effectiveness of signature-based anti-malware controls. Firewall rules are network-level controls that regulate incoming and outgoing traffic, while reused virus code refers to the practice of using existing malicious code in new malware. However, signature-based anti-malware controls can complement firewall rules and help detect and block malware, including instances of reused virus code.
additionally if it's signature based, the AV will detect hashes, if you reuse code, you are not using a known hash, just getting part of the code that will generate other hash
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
CarlLimps
Highly Voted 1 year, 8 months agoyottabyte
Most Recent 7 months, 1 week agoAlexJacobson
9 months agoUncle_Lucifer
10 months, 3 weeks agod7a2ba6
4 months, 1 week agoSoleandheel
11 months, 1 week agoMarcovic00
11 months, 1 week agoacf4e9a
1 year agobradseth
1 year agokoala_lay
1 year, 1 month agooluchecpoint
1 year, 1 month ago[Removed]
1 year, 3 months agoGoseu
1 year, 3 months ago[Removed]
1 year, 3 months agoGoseu
1 year, 2 months agoMarcelus1714
9 months agoMarcelus1714
9 months agorichck102
1 year, 3 months agoJae_kes
1 year, 4 months agobambs
1 year, 8 months agoaokisan
1 year, 10 months agoManzer
1 year, 10 months agoZiggybooboo
1 year, 10 months ago