ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-201 All Questions

View all questions & answers for the 350-201 exam
Go to Exam

Exam 350-201 topic 1 question 66 discussion

Actual exam question from Cisco's 350-201
Question #: 66
Topic #: 1
[All 350-201 Questions]


Refer to the exhibit. An engineer is reverse engineering a suspicious file by examining its resources. What does this file indicate?

  • A. a DOS MZ executable format
  • B. a MS-DOS executable archive
  • C. an archived malware
  • D. a Windows executable file
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by TOLU1985 at Sept. 26, 2022, 8:33 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
TrainingTeam
6 months, 2 weeks ago
Selected Answer: A
The file in question indicates a DOS MZ executable format. The MZ signature at the beginning of the file (as seen in the hexadecimal representation) is characteristic of an executable file format for DOS. This signature, combined with the text "This program cannot be run in DOS mode," which is typically included as a message in DOS MZ executables to be displayed when they are run in a non-DOS environment, confirms that the file is a DOS MZ executable.
upvoted 1 times
...
DrVoIP
2 years, 1 month ago
If you look the Majic is 4D and 5A coupled with "can not be run in DOS mode", indicates it is DOS MZ!
upvoted 1 times
...
budlinc
2 years, 3 months ago
Selected Answer: A
A 100% https://en.wikipedia.org/wiki/DOS_MZ_executable
upvoted 1 times
...
Noxman
2 years, 3 months ago
Selected Answer: D
check https://www.fortinet.com/blog/threat-research/dll-side-loading-technique-used-in-recent-kaseya-ransomware-attack
upvoted 1 times
...
kyle942
2 years, 3 months ago
Selected Answer: A
The DOS MZ executable format is the executable file format used for. EXE files in DOS. The file can be identified by the ASCII string "MZ" (hexadecimal: 4D 5A) at the beginning of the file (the "magic number").
upvoted 2 times
...
Medjai89
2 years, 4 months ago
Its A 100% Check: http://4d5asecurity.com/why-4d5a.
upvoted 1 times
...
TOLU1985
2 years, 7 months ago
Selected Answer: D
C or D no idea.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago