CS0-003 Question #331: Real Exam Question with Answer & Explanation
The correct answer is D: Subscribe to an online service to create a sandbox environment.
Question
A security analyst has identified a new malware file that has impacted the organization. The malware is polymorphic and has built-in conditional triggers that require a connection to the internet. The CPU has an idle process of at least 70%. Which of the following best describes how the security analyst can effectively review the malware without compromising the organization's network?
Options
- A. Utilize an RDP session on an unused workstation to evaluate the malware.
- B. Disconnect and utilize an existing infected asset off the network.
- C. Create a virtual host for testing on the security analyst workstation.
- D. Subscribe to an online service to create a sandbox environment.
Explanation
A sandbox environment is a safe and isolated way to analyze malware without affecting the organization's network. An online service can provide a sandbox environment without requiring the security analyst to set up a virtual host or use an RDP session. Disconnecting and using an existing infected asset is risky and may not provide accurate results.