ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-49v10 All Questions

View all questions & answers for the 312-49v10 exam
Go to Exam

Exam 312-49v10 topic 1 question 635 discussion

Actual exam question from ECCouncil's 312-49v10
Question #: 635
Topic #: 1
[All 312-49v10 Questions]

Brian has the job of analyzing malware for a software security company. Brian has setup a virtual environment that includes virtual machines running various versions of OSes. Additionally, Brian has setup separated virtual networks within this environment. The virtual environment does not connect to the company's intranet nor does it connect to the external Internet. With everything setup, Brian now received an executable file from client that has undergone a cyberattack.
Brian ran the executable file in the virtual environment to see what it would do. What type of analysis did Brian perform?

  • A. Status malware analysis
  • B. Static OS analysis
  • C. Static malware analysis
  • D. Dynamic malware analysis
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by 581777a at Aug. 22, 2023, 9:57 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
581777a
8 months, 3 weeks ago
Selected Answer: D
D. Dynamic malware analysis In the scenario described, Brian performed dynamic malware analysis. Dynamic analysis involves running a malware sample, such as the received executable file, in a controlled environment to observe its behavior, interactions, and potential impacts. By executing the file in a virtual environment with isolated networks, Brian can monitor the actions of the malware without risking the security of his own systems.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago