EC-Council
312-49V11 · Question #22
312-49V11 Question #22: Real Exam Question with Answer & Explanation
Sign in or unlock 312-49V11 to reveal the answer and full explanation for question #22. The question stem and answer options stay visible for context.
Question
You are a forensic investigator working for a cybersecurity firm tasked with analyzing a suspicious Microsoft Office document named "infected_doc." The document was discovered in an email attachment sent to multiple employees at a large corporation. Concerns have been raised about potential malware embedded within the document, particularly involving VBA macros. As a forensic investigator examining the "infected_doc" Microsoft Office document, what initial step would you take to identify suspicious or malicious components within the file?
Options
- AExecute the command oleid "" on a Linux workstation to review all components for suspicious
- BOpen the document in a sandbox environment to observe any unusual behavior.
- CRun the command analyze_doc "" to scan the document for potential threats.
- DUtilize a browser-based tool to inspect the document's metadata for any anomalies.
Unlock 312-49V11 to see the answer
You've previewed enough free 312-49V11 questions. Unlock 312-49V11 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.