What is the main difference between a logic bomb and a stealth virus?

The main difference between a logic bomb and a stealth virus lies in the behavior and purpose of each type of malicious code. A stealth virus is designed to evade detection by antivirus (AV) software, and it does this by supplying false information to the AV engines. This allows the stealth virus to remain hidden on a system while it replicates and potentially causes harm without being detected or removed.

In contrast, a logic bomb is a piece of code that lies dormant until triggered by a specific event, such as a certain date or the occurrence of a particular condition. When activated, the logic bomb executes its malicious payload, which can result in data corruption, loss, or other harmful actions.

The other provided choices mix up characteristics of logic bombs and stealth viruses incorrectly. For example, stealth viruses do not specifically "wake up" like logic bombs do; their main feature is evading detection, rather than being activated by external conditions. Additionally, while memory-resident viruses exist, it’s not accurate to categorize stealth viruses solely by whether they live in memory or on disk, as both can exhibit various behaviors in different contexts. Overall, understanding that stealth viruses focus on avoiding detection through deception is the key distinction that represents why this choice is the most accurate.