Cisco
350-201 · Question #112
The SIEM tool informs a SOC team of a suspicious file. The team initializes the analysis with an automated sandbox tool, sets up a controlled laboratory to examine the malware specimen, and proceeds w
Sign in or unlock 350-201 to reveal the answer and full explanation for question #112. The question stem and answer options stay visible for context.
Techniques
Question
The SIEM tool informs a SOC team of a suspicious file. The team initializes the analysis with an automated sandbox tool, sets up a controlled laboratory to examine the malware specimen, and proceeds with behavioral analysis. What is the next step in the malware analysis process?
Options
- APerform static and dynamic code analysis of the specimen.
- BUnpack the specimen and perform memory forensics.
- CContain the subnet in which the suspicious file was found.
- DDocument findings and clean-up the laboratory.
Unlock 350-201 to see the answer
You've previewed enough free 350-201 questions. Unlock 350-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#malware analysis#static analysis#dynamic analysis#behavioral analysis