300-215 · Question #76
300-215 Question #76: Real Exam Question with Answer & Explanation
The correct answer is A: Isolate the files and perform a deeper heuristic analysis to detect potential unknown malware or.
Question
A cybersecurity analyst at a software development company identifies a set of files with an unusual extension .xyz that appeared suddenly in the network's shared storage. These files have no known association with the company's ongoing projects and are unusually large. Upon initial scanning, no known malware signatures are detected. Which action should be taken next to evaluate the files based on the distinguished characteristics?
Options
- A. Isolate the files and perform a deeper heuristic analysis to detect potential unknown malware or
- B. Rename the file extensions to .txt to enable easier opening and review by team members.
- C. Delete the files immediately to prevent potential risks.
- D. Move the files to a less secure network segment for analysis.
Explanation
Creating a secure, isolated copy of the .xyz files preserves the originals for investigation while you apply heuristic and behavioral analysis (sandboxing, code emulation, entropy checks) to uncover any novel malware characteristics or embedded exfiltration routines. Deleting, renaming, or moving them to a less secure zone risks losing critical evidence or exposing other systems.