Capture.PNG
Document Details
Uploaded by jlopez59#
Tags
Full Transcript
## What Are We Up Against? (3 of 6) - User-mode process (Task Manager, Explorer) - User-mode rootkit intercepts data here - Kernel-mode process - Kernel-mode rootkit intercepts data here - Files stored on hard drive **Figure 8-13** A rootkit can run in user mode or kernel mode.
## What Are We Up Against? (3 of 6) - User-mode process (Task Manager, Explorer) - User-mode rootkit intercepts data here - Kernel-mode process - Kernel-mode rootkit intercepts data here - Files stored on hard drive **Figure 8-13** A rootkit can run in user mode or kernel mode.