ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCCET All Questions

View all questions & answers for the PCCET exam
Go to Exam

Exam PCCET topic 1 question 168 discussion

Actual exam question from Palo Alto Networks's PCCET
Question #: 168
Topic #: 1
[All PCCET Questions]

What should a security operations engineer do if they are presented with an encoded string during an incident investigation?

  • A. Save it to a new file and run it in a sandbox.
  • B. Run it against VirusTotal.
  • C. Append it to the investigation notes but do not alter it.
  • D. Decode the string and continue the investigation.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by kirmanis at Sept. 3, 2024, 11:37 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kirmanis
8 months, 1 week ago
Why is the answer not C? Decoding the string without proper analysis can be dangerous, as it could reveal malicious code or sensitive information. It's important to understand the encoding method and potential risks before decoding, am I right?
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago