Multiple Choice
A forensics analyst suspects that a breach has occurred. Security logs show the company's OS patch system may be compromised, and it is serving patches that contain a zero-day exploit and backdoor. The analyst extracts an executable file from a packet capture of communication between a client computer and the patch server. Which of the following should the analyst use to confirm this suspicion?
A) File size
B) Digital signature
C) Checksums
D) Anti-malware software
E) Sandboxing
Correct Answer:

Verified