300-215 · Question #99
300-215 Question #99: Real Exam Question with Answer & Explanation
The correct answer is D: changing the file header of a malicious file to another file type.
Question
What is the transmogrify anti-forensics technique?
Options
- A. hiding a section of a malicious file in unused areas of a file
- B. sending malicious files over a public network by encapsulation
- C. concealing malicious files in ordinary or unsuspecting places
- D. changing the file header of a malicious file to another file type
Explanation
The transmogrify anti-forensics technique refers specifically to the act of modifying the file header of a malicious file to disguise it as another file type. This type of manipulation helps evade detection by signature-based security tools and forensics analysis systems that rely on file headers to determine file type and purpose. For example, a malicious .exe file might have its header changed to appear as a .jpg or .pdf to trick analysts or automated systems into treating it as benign. This tactic is particularly effective in bypassing content filtering and malware detection solutions that do not perform deep inspection