Task 3.2: Using a Rootkit Checker

As a security professional, it is of the utmost importance that you maintain control of your systems and can detect whether an attacker has compromised any of them. One of the most common tools an attacker will use is a rootkit. Rootkits are nasty pieces of malware that attackers use to gain control of a victim’s system. They contain tools to replace executables for many of the operating system’s critical components. Once an attacker has installed a rootkit, it can be used to hide evidence of the attacker’s presence and to provide backdoor access to the system at will. With the rootkit in place, the attacker can come and go at any time, and their activities will be hidden from the administrator. ...

Get Security Administrator Street Smarts: A Real World Guide to CompTIA Security+™ Skills, Third Edition now with the O’Reilly learning platform.
