312-50V12 · Question #255
312-50V12 Question #255: Real Exam Question with Answer & Explanation
The correct answer is B: Store the potentially malicious program on an external medium, such as a CD-ROM.. To safely analyze a potentially malicious program using an isolated sheep dip computer, the crucial preliminary step is to transfer the program via an external, non-networked medium.
Question
A security analyst is preparing to analyze a potentially malicious program believed to have infiltrated an organization's network. To ensure the safety and integrity of the production environment, the analyst decided to use a sheep dip computer for the analysis. Before initiating the analysis, what key step should the analyst take?
Options
- AInstall the potentially malicious program on the sheep dip computer.
- BStore the potentially malicious program on an external medium, such as a CD-ROM.
- CRun the potentially malicious program on the sheep dip computer to determine its behavior.
- DConnect the sheep dip computer to the organization's internal network.
Explanation
To safely analyze a potentially malicious program using an isolated sheep dip computer, the crucial preliminary step is to transfer the program via an external, non-networked medium.
Common mistakes.
- A. Installing the program is a part of the analysis process itself, which occurs after the program has been safely transferred to the sheep dip computer.
- C. Running the program is the core action of the analysis phase, not a prerequisite step taken before initiating the analysis.
- D. Connecting the sheep dip computer to the internal network would defeat its purpose of being an isolated environment for safe malware analysis and risk infecting the production network.
Concept tested. Secure malware transfer to isolated analysis environment
Topics
Community Discussion
No community discussion yet for this question.