GIAC
GREM · Question #179
GREM Question #179: Real Exam Question with Answer & Explanation
Sign in or unlock GREM to reveal the answer and full explanation for question #179. The question stem and answer options stay visible for context.
Question
You are analyzing a suspicious PDF document that was flagged by antivirus software. Initial inspection shows that the PDF contains a JavaScript action triggering upon document opening, which is obfuscated. What are the next steps you should take to determine whether the document is malicious? (Choose three)
Options
- AUse PDF parser tools to extract the JavaScript code for analysis.
- BDisable JavaScript execution and open the document in a sandbox environment.
- CAnalyze the PDF trailer for any hidden embedded objects.
- DExtract and analyze the metadata to assess the document's creation.
- EAttempt to open the document in a standard PDF viewer to observe its behavior.
Unlock GREM to see the answer
You've previewed enough free GREM questions. Unlock GREM for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.