EC-Council
312-49V11 · Question #84
312-49V11 Question #84: Real Exam Question with Answer & Explanation
Sign in or unlock 312-49V11 to reveal the answer and full explanation for question #84. The question stem and answer options stay visible for context.
Question
You are a cybersecurity analyst conducting system behavior analysis on a Windows machine infected with suspected malware. Your goal is to monitor the processes initiated and taken over by the malware after execution, as well as observe associated child processes, handles, loaded libraries, and functions to understand its behavior. As a cybersecurity analyst utilizing Process Monitor for system behavior analysis, what key feature of the tool enables comprehensive monitoring of file system, registry, and process/thread activity on a Windows machine?
Options
- ACapability to capture detailed information about operation input and output parameters.
- BReal-time display of network activity initiated by processes.
- CAutomatic removal of suspicious files identified during the monitoring process.
- DIntegration with antivirus software to automatically quarantine malicious processes.
Unlock 312-49V11 to see the answer
You've previewed enough free 312-49V11 questions. Unlock 312-49V11 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.