Exam 312-50v11 topic 1 question 282 discussion

Virus Detection Methods Scanning: Once a virus is detected, it is possible to write scanning programs that look for signature string characteristics of the virus Integrity Checking: Integrity checking products work by reading the entire disk and recording integrity data that act as a signature for the files and system sectors Interception: The interceptor monitors the operating system requests that are written to the disk Code Emulation: In code emulation techniques, the antivirus executes the malicious code inside a virtual machine to simulate CPU and memory activities These techniques are considered very effective in dealing with encrypted and polymorphic viruses if the virtual machine mimics the real machine Heuristic Analysis: Heuristic analysis can be static or dynamic In static analysis, the antivirus analyses the file format and code structure to determine if the code is viral In dynamic analysis, the antivirus performs a code emulation of the suspicious code to determine if the code is viral CEH: Malware Threats

Virus Detection Methods - Code Emulation In code emulation techniques, the antivirus executes the malicious code inside a virtual machine to simulate CPU and memory activities.
These techniques are considered very effective in dealing with encrypted and polymorphic viruses if the virtual machine mimics the real machine. (P.1042/1026)

Code Emulation is correct. The method described in the question is one of two. The other is to use a VM. Module 7 page 1026 However there's something to point out: heuristic analysis - dynamic analysis includes code emulation. So it is also a correct answer. Just not the best answer.

correct