EC-Council
312-49V11 · Question #81
312-49V11 Question #81: Real Exam Question with Answer & Explanation
Sign in or unlock 312-49V11 to reveal the answer and full explanation for question #81. The question stem and answer options stay visible for context.
Question
As a forensic investigator specializing in cybersecurity, you've been assigned to analyze a suspicious PDF document named "infected.pdf." This document was discovered on a company server and is suspected to contain malicious scripts that could pose a threat to the organization's systems and network. As part of your investigation into the PDF document, what initial step would you take to identify potential malicious components within the file?
Options
- ARun the command python pdfid.py infected.pdf in a Linux terminal to review the file's structure and
- BOpen the PDF document in a virtual machine environment to observe potential malicious behavior.
- CUtilize a web-based tool to extract metadata from the PDF document and analyze any anomalies.
- DUse a hex editor to manually inspect the contents of the PDF document for suspicious patterns.
Unlock 312-49V11 to see the answer
You've previewed enough free 312-49V11 questions. Unlock 312-49V11 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.