Computer security basics: If you suspect a malware infection, which of the following system elements will typically <em>not</em> be infected directly by the virus code?

Introduction / Context:
Classic computer viruses target executable code and boot processes. Understanding what they can and cannot infect helps triage incidents and choose the right remediation steps (e.g., boot sector repair, file disinfection, media scanning).

Given Data / Assumptions:

• We are considering traditional virus behavior (file infectors, boot sector viruses).
• Media like floppy disks can carry boot sector and file-based malware.
• CMOS stores configuration (time/date, boot order) rather than executable code.

Concept / Approach:

Viruses replicate by attaching to executable code or modifying boot sectors. While malware can alter CMOS settings (e.g., change time or boot order) via BIOS calls, CMOS itself is not executable storage that gets “infected” with code. In contrast, program files and boot sectors are frequent infection targets, and removable media like floppy disks commonly spread such infections.

Step-by-Step Solution:

Verification / Alternative check:

Incident response playbooks focus on scanning file systems and boot areas, not on “disinfecting” CMOS. Clearing CMOS may undo malicious setting changes but is not disinfection of code.

Why Other Options Are Wrong:

• Boot sector: Common target for boot viruses.
• Floppy disks: Spread both boot and file-based malware.
• Program files: Classic file-infector targets.
• None of the above: Incorrect because CMOS is the correct exception.

Common Pitfalls:

Confusing altered CMOS settings with infection; overlooking that firmware rootkits target flash ROM, not CMOS RAM.

Final Answer:

CMOS