A security analyst is investigating a malware infection that occurred on a Windows system. The system was not connected to a network and had no wireless capability. Company policy prohibits using portable media or mobile storage. The security analyst is trying to determine which user caused the malware to get onto the system. Which of the following registry keys would MOST likely have this information?
A) HKEY_USERS\<user SID>\Software\Microsoft\Windows\CurrentVersion\Run
B) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
C) HKEY_USERS\<user SID>\Software\Microsoft\Windows\explorer\MountPoints2
D) HKEY_USERS\<user SID>\Software\Microsoft\Internet Explorer\Typed URLs
E) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\System\iusb3hub
Correct Answer:
Verified
Q153: Which of the following secure coding techniques
Q154: A company is moving from the use
Q155: The help desk provided a security analyst
Q156: A cybersecurity analyst is investigating a potential
Q157: A large amount of confidential data was
Q159: A security analyst is supporting an embedded
Q160: Which of the following MOST accurately describes
Q161: A Chief Security Officer (CSO) is working
Q162: A security analyst recently used Arachni to
Q163: A small electronics company decides to use
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents