CAS-005 · Question #2
CAS-005 Question #2: Real Exam Question with Answer & Explanation
The correct answer is C: A malicious file that was run in this environment. The dll file with a 10 MB size is allowed to be executed in the c:\temp directory. Since DLL (Dynamic Link Library) files are often associated with executable code and can be used for malicious purposes, this should be investigated further. The fact that it is allowed to run rais
Question
A security analyst is reviewing the following log: Which of the following possible events should the security analyst investigate further?
Options
- AA macro that was prevented from running
- BA text file containing passwords that were leaked
- CA malicious file that was run in this environment
- DA PDF that exposed sensitive information improperly
Explanation
The dll file with a 10 MB size is allowed to be executed in the c:\temp directory. Since DLL (Dynamic Link Library) files are often associated with executable code and can be used for malicious purposes, this should be investigated further. The fact that it is allowed to run raises suspicion, and the location of the file (temp directory) is commonly used by malware for executing unauthorized processes.
Community Discussion
No community discussion yet for this question.