The Klez worm is a mass-mailing worm that exploits a vulnerability to open an executable attachment even in Microsoft Outlook's preview pane. The Klez worm gathers email addresses from the entries of the default Windows Address Book (WAB). Which of the following registry values can be used to identify this worm?

A. HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun

B. HKEY_CURRENT_USERSoftwareMicrosoftWABWAB4Wab File Name = "file and pathname of the WAB file"

C. HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun

D. HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunServices








 

Suggested Answer: B



This question is in GISF exam 
For getting GIAC Information Security Fundamentals (GISF) Certificate

Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by GIAC.
Trademarks, certification & product names are used for reference only and belong to GIAC.