Multiple Choice
An analyst is investigating anomalous behavior on a corporate-owned, corporate-managed mobile device with application whitelisting enabled, based on a name string. The employee to whom the device is assigned reports the approved email client is displaying warning messages that can launch browser windows and is adding unrecognized email addresses to the "compose" window. Which of the following would provide the analyst the BEST chance of understanding and characterizing the malicious behavior?
A) Reverse engineer the application binary.
B) Perform static code analysis on the source code.
C) Analyze the device firmware via the JTAG interface.
D) Change to a whitelist that uses cryptographic hashing.
E) Penetration test the mobile application.
Correct Answer:
Verified
Correct Answer:
Verified
Q300: A penetration test is being scoped for
Q301: An attacker has been compromising banking institution
Q302: An administrator is working with management to
Q303: A government contracting company issues smartphones to
Q304: Given the following output from a local
Q306: The Chief Financial Officer (CFO) of a
Q307: After investigating virus outbreaks that have cost
Q308: A Chief Information Security Officer (CISO) of
Q309: An internal staff member logs into an
Q310: A software development team has spent the