GIAC
GREM · Question #186
GREM Question #186: Real Exam Question with Answer & Explanation
Sign in or unlock GREM to reveal the answer and full explanation for question #186. The question stem and answer options stay visible for context.
Question
You are performing behavioral analysis on a malware sample that makes unusual DNS queries and writes data to a specific registry key. Which actions should you take to further investigate this sample's behavior? (Choose three)
Options
- ACapture the DNS traffic using a network sniffer tool
- BMonitor registry changes using a tool like Procmon
- CDebug the malware to locate its API calls
- DIsolate the system and run the malware with network access disabled
- EReboot the system and observe if the malware starts again
Unlock GREM to see the answer
You've previewed enough free GREM questions. Unlock GREM for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.