nerdexam
GIAC

GREM · Question #30

GREM Question #30: Real Exam Question with Answer & Explanation

The correct answer is A. The file has a high entropy value.. See the full explanation below for the reasoning.

Question

When analyzing a Windows executable, which of the following indicators most strongly suggests that the file is packed?

Options

  • AThe file has a high entropy value.
  • BThe file contains numerous readable strings.
  • CThe file size is unusually large for its functionality.
  • DThe executable has multiple sections named with standard names (e.g., .text, .data).

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GREM Practice