Cisco
350-201 · Question #64
350-201 Question #64: Real Exam Question with Answer & Explanation
Sign in or unlock 350-201 to reveal the answer and full explanation for question #64. The question stem and answer options stay visible for context.
Host-Based Analysis
Question
Refer to the exhibit. An engineer is performing a static analysis on a malware and knows that it is capturing keys and webcam events on a company server. What is the indicator of compromise?
Exhibit
Options
- AThe malware is performing comprehensive fingerprinting of the host, including a processor,
- BThe malware is a ransomware querying for installed anti-virus products and operating systems to
- CThe malware has moved to harvesting cookies and stored account information from major
- DThe malware contains an encryption and decryption routine to hide URLs/IP addresses and is
Unlock 350-201 to see the answer
You've previewed enough free 350-201 questions. Unlock 350-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#static malware analysis#IOC#obfuscation#keylogger