Multiple Choice
An analyst is investigating behavior on a corporate-owned, corporate-managed mobile device with application whitelisting enabled, based on a name string. The employee to whom the device is assigned reports the approved email client is displaying warning messages that can launch browser windows and is adding unrecognized email addresses to the "compose" window. Which of the following would provide the analyst the BEST chance of understanding and characterizing the malicious behavior?
A) Reverse engineer the application binary.
B) Perform static code analysis on the source code.
C) Analyze the device firmware via the JTAG interface.
D) Change to a whitelist that uses cryptographic hashing.
E) Penetration test the mobile application.
Correct Answer:
Verified
Correct Answer:
Verified
Q2: A university's help desk is receiving reports
Q3: A penetration tester noticed special characters in
Q4: A recent overview of the network's security
Q5: After the departure of a developer under
Q6: A security architect is implementing security measures
Q8: A company's security policy states any remote
Q9: A company recently implemented a new cloud
Q10: Following a complete outage of the electronic
Q11: Staff members are reporting an unusual number
Q12: During a security event investigation, a junior