ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

During a peer review, you discover a hidden function in a third-party payroll module that remains dormant until the system date reaches December 31, when it will erase all salary records. Which type of malicious code best describes this embedded threat?

Logic bomb
Trojan horse
Rootkit
Backdoor

Report Issue

Answer Description

A logic bomb is malicious code intentionally inserted into software that lies dormant until a specific logical condition is met-such as a certain date, the presence or absence of a file, or a particular user action. When the condition occurs, the payload executes, in this case deleting salary records on December 31.

Backdoors are covert access mechanisms that allow attackers to enter a system at will, but they do not rely on a future trigger condition. Trojan horses masquerade as legitimate programs to lure users into executing them, but their execution is not necessarily tied to a specific date or event. Rootkits are toolsets used to maintain privileged, stealthy access by modifying the operating system, not condition-triggered payloads. Therefore, the described code most closely matches the definition of a logic bomb.

Ask Bash

Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.

What is a logic bomb and how does it differ from other types of malicious code?

Open an interactive chat with Bash

How can organizations detect and protect against logic bombs?

Open an interactive chat with Bash

What are some real-world examples of logic bomb attacks?

Open an interactive chat with Bash

What exactly does a logic bomb do?

Open an interactive chat with Bash

How can developers protect against logic bombs during software development?

Open an interactive chat with Bash

What’s the difference between a logic bomb and a Trojan horse?

Open an interactive chat with Bash

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)

Secure Software Implementation

Your Score:

Settings & Objectives

Secure Software Concepts

Secure Software Lifecycle Management

Secure Software Requirements

Secure Software Architecture and Design

Secure Software Implementation

Secure Software Testing

Secure Software Deployment, Operations, Maintenance

Secure Software Supply Chain

Random Mixed

Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.

Rotate by Objective

Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Hide Score

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot

AI Bot