312-50V13 Question #612: Real Exam Question with Answer & Explanation
The correct answer is B: Connecting the system to the production network during the malware analysis. When setting up a sheep dip computer for malware analysis, the analyst must avoid connecting the system to the production network to prevent potential malware contamination.
Question
In the process of setting up a lab for malware analysis, a cybersecurity analyst is tasked to establish a secure environment using a sheep dip computer. The analyst must prepare the testbed while adhering to best practices. Which of the following steps should the analyst avoid when configuring the environment?
Options
- A. Installing malware analysis tools on the guest OS
- B. Connecting the system to the production network during the malware analysis
- C. Simulating Internet services using tools such as INetSim
- D. Installing multiple guest operating systems on the virtual machine(s)
Explanation
When setting up a sheep dip computer for malware analysis, the analyst must avoid connecting the system to the production network to prevent potential malware contamination.
Common mistakes.
- A. Installing malware analysis tools on the guest OS is a standard and necessary step for performing effective malware analysis within the isolated environment.
- C. Simulating Internet services using tools like INetSim is a best practice for malware analysis: the malware behaves as if it has network access without actually connecting to the Internet, so the analyst can observe its network-related behaviors safely.
- D. Installing multiple guest operating systems on virtual machines can be beneficial for testing malware behavior across different environments or for isolating different analysis tasks within the lab.
Concept tested. Malware analysis lab best practices