A forensics analyst suspects that a breach has occurred. Security logs show the company's OS patch system may be compromised, and it is serving patches that contain a zero-day exploit and backdoor. The analyst extracts an executable file from a packet capture of communication between a client computer and the patch server. Which of the following should the analyst use to confirm this suspicion?
A) File size
B) Digital signature
C) Checksums
D) Anti-malware software
E) Sandboxing
Correct Answer:
Verified
Q158: A security engineer is investigating a compromise
Q159: An organization is reviewing endpoint security solutions.
Q160: Following a recent network intrusion, a company
Q161: An advanced threat emulation engineer is conducting
Q162: A Chief Information Officer (CIO) publicly announces
Q164: Given the following output from a local
Q165: Security policies that are in place at
Q166: A security consultant is attempting to discover
Q167: An engineer is evaluating the control profile
Q168: A threat advisory alert was just emailed
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents