A security analyst receives an alert that there was an attempt to download known malware. Which of the following actions would allow the best chance to analyze the malware?
A. Review the IPS logs and determine which command-and-control IPs were blocked.
B. Analyze application logs to see how the malware attempted to maintain persistence.
C. Run vulnerability scans to check for systems and applications that are vulnerable to the malware.
D. Obtain and execute the malware in a sandbox environment and perform packet captures.
A sandbox is an isolated environment where you can safely run suspicious files without affecting your actual system. This allows the analyst to observe the malware's behavior without risking harm to the system.
upvoted 1 times
21bc1a0
1 week, 4 days ago