Can someone help me with the below:
Required Work: Please respond to the two questions with your own perspective.
– min 100 words each question
Rootkit is an application (or set of applications), that hides its presence or presence of another application (virus, spyware, etc.) on the computer, using some of the lower layers of the operating system (API function redirection, using of undocumented OS functions, etc.), which makes them almost undetectable by common anti-malware software.
Rootkits generally go much deeper than the average virus. They may even infect your BIOS – the part of your computer that’s independent of the Operating System – making them harder to remove. And they may not even be Windows-specific, even Linux or Apple machines could be affected. In fact, the first rootkit ever written was for Unix.Possibly the most famous case so far was in 2005, when CDs sold by Sony BMG installed rootkits without user permission that allowed any user logged in at the computer to access the administrator mode. The purpose of that rootkit was to enforce copy protection (called “Digital Rights Management” or DRM) on the CDs, but it compromised the computer it was installed on. This process could easily be hijacked for malicious purposes.
Pent testing results are the innards’ and ski nerds’ of a network. They can (and should) reveal all of the weaknesses that a network has which can make that document very valuable in the wrong hands. This document can be hand delivered to the client and or shown as part of an overall presentation making it accessible to more than the client originally intended. Thus ensuring that the document is encrypted, printed on copy proof paper and or only stored in specific places can prevent some of the risk associated with exposure. Other steps could include a clause with the pen tester that any and all documentation created during the evaluation are destroyed when complete.