SY0-701 Question #733: Real Exam Question with Answer & Explanation
The correct answer is D: Obtain and execute the malware in a sandbox environment and perform packet captures. Detonating the sample in an isolated sandbox while capturing its traffic is dynamic analysis: it shows what the malware actually does on the host and on the network. The other options only show what was blocked, which systems might be exposed, or what the malware would have done had it run.
Question
A security analyst receives an alert that there was an attempt to download known malware. Which of the following actions would allow the best chance to analyze the malware?
Options
- A. Review the IPS logs and determine which command-and-control IPs were blocked.
- B. Analyze application logs to see how the malware attempted to maintain persistence.
- C. Run vulnerability scans to check for systems and applications that are vulnerable to the malware.
- D. Obtain and execute the malware in a sandbox environment and perform packet captures.
Explanation
Executing the sample in an isolated sandbox while capturing packets is dynamic analysis: the analyst observes what the malware actually does, which files it drops, how it tries to persist, and which domains and IP addresses it contacts for command and control. The other options do not yield that. IPS logs (A) show only which known C2 addresses were blocked, not how the malware behaves. Application logs (B) would record persistence attempts only if the malware had already run, and the alert concerns a download attempt. Vulnerability scans (C) measure exposure across the estate, not the behavior of the sample. In practice the sample is retrieved from the proxy or endpoint quarantine rather than re-downloaded onto a production host, hashed and checked against threat intelligence first, and detonated on a snapshot-backed VM with no route to production networks. Many samples check for virtualization or analysis tooling and stay dormant when they detect it, so a quiet capture does not prove the sample is benign.
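The capture taken during detonation still has to be turned into indicators. The script below is an added example, not part of the exam question or any vendor sandbox: it reads a tcpdump-style pcap, lists the DNS names the sample resolved and the TCP endpoints it connected to, and flags destinations contacted at a regular interval, which is the beaconing pattern typical of command-and-control check-ins. The pcap bytes, the 10.0.0.0/8 sandbox addresses, the destination addresses and the domain name are all constructed inline so the script runs offline; the jitter threshold is an assumed tuning value.

```python
"""Summarize what a detonated sample did on the wire, from a pcap captured on
the sandbox's isolated segment. Example code added to this page, not from the
exam or any vendor tool. The capture at the bottom is constructed inline so the
script runs offline; real captures come from tcpdump or Wireshark."""
import struct
from collections import defaultdict

ETH_IPV4, IP_TCP, IP_UDP, TCP_SYN = 0x0800, 6, 17, 0x02


def _dns_name(buf, off):
    """Decode an uncompressed DNS query name starting at buf[off]."""
    labels = []
    while buf[off]:
        n = buf[off]
        labels.append(buf[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n
    return ".".join(labels)


def parse_pcap(data):
    """Yield one dict per IPv4 TCP/UDP packet in a classic (non-pcapng) capture."""
    magic = struct.unpack("<I", data[:4])[0]
    end = "<" if magic == 0xA1B2C3D4 else ">"   # pcap magic decides byte order
    off = 24                                     # fixed-size global header
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _ = struct.unpack(end + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if struct.unpack("!H", frame[12:14])[0] != ETH_IPV4:   # Ethernet type field
            continue
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        proto, dst_ip, l4 = ip[9], ".".join(map(str, ip[16:20])), ip[ihl:]
        dport = struct.unpack("!H", l4[2:4])[0]
        if proto == IP_TCP:
            hdr_len, flags = (l4[12] >> 4) * 4, l4[13]
        elif proto == IP_UDP:
            hdr_len, flags = 8, 0
        else:
            continue
        yield {"ts": ts_sec + ts_usec / 1e6, "proto": proto, "dst": dst_ip,
               "dport": dport, "flags": flags, "payload": l4[hdr_len:]}


def summarize(data, min_connections=3, max_jitter=0.2):
    """Return resolved names, contacted TCP endpoints and regular-interval beacons.
    max_jitter (assumed tuning value): allowed spread of gaps relative to the mean."""
    dns, syn_times = set(), defaultdict(list)
    for p in parse_pcap(data):
        if p["proto"] == IP_UDP and p["dport"] == 53:
            dns.add(_dns_name(p["payload"], 12))          # skip 12-byte DNS header
        elif p["proto"] == IP_TCP and p["flags"] & TCP_SYN:
            syn_times[(p["dst"], p["dport"])].append(p["ts"])
    beacons = []
    for (dst, port), times in syn_times.items():
        if len(times) < min_connections:
            continue
        gaps = [b - a for a, b in zip(times, times[1:])]
        mean = sum(gaps) / len(gaps)
        if mean > 0 and (max(gaps) - min(gaps)) / mean <= max_jitter:
            beacons.append((dst, port, round(mean, 1)))
    return {"dns": sorted(dns), "tcp_dest": sorted(syn_times), "beacons": sorted(beacons)}


# --- constructed sample capture (sandbox host 10.0.0.5, resolver 10.0.0.53) ---
def _frame(ts, proto, dst_ip, l4):
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     bytes([10, 0, 0, 5]), bytes(int(x) for x in dst_ip.split(".")))
    frame = b"\x00" * 12 + struct.pack("!H", ETH_IPV4) + ip + l4
    return struct.pack("<IIII", int(ts), int((ts % 1) * 1e6), len(frame), len(frame)) + frame


def _syn(ts, dst_ip, dport):
    tcp = struct.pack("!HHIIBBHHH", 49152, dport, 1, 0, 5 << 4, TCP_SYN, 65535, 0, 0)
    return _frame(ts, IP_TCP, dst_ip, tcp)


def _dns_query(ts, name):
    q = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    body = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0) + q + struct.pack("!HH", 1, 1)
    return _frame(ts, IP_UDP, "10.0.0.53", struct.pack("!HHHH", 49153, 53, 8 + len(body), 0) + body)


SAMPLE_PCAP = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join(
    [_dns_query(0.0, "update.example.net")]
    + [_syn(1.0 + 60 * i, "203.0.113.10", 443) for i in range(4)]   # 60 s beacon
    + [_syn(5.5, "198.51.100.5", 80)]                                 # one-off connection
)

if __name__ == "__main__":
    for key, value in summarize(SAMPLE_PCAP).items():
        print(f"{key}: {value}")
```

On a real run, replace SAMPLE_PCAP with the bytes of the file tcpdump wrote during detonation (`tcpdump -i <sandbox-if> -w run.pcap`). The beacon check is deliberately simple: it keys on SYNs so retransmissions and keep-alives do not inflate the count, and it only reports destinations with at least three connections, since two points cannot establish a cadence. Samples that randomize their sleep interval will fall outside the jitter threshold and must be found by other means, such as the repeated destination or the DNS name.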