Exam4Training

Which of the following actions would allow the analyst to achieve the objective?

A security analyst is performing an investigation involving multiple targeted Windows malware binaries. The analyst wants to gather intelligence without disclosing information to the attackers.

Which of the following actions would allow the analyst to achieve the objective?
A . Upload the binary to an air gapped sandbox for analysis
B . Send the binaries to the antivirus vendor
C . Execute the binaries on an environment with internet connectivity
D . Query the file hashes using VirusTotal

Answer: A

Explanation:

The best action that would allow the analyst to gather intelligence without disclosing information to the attackers is to upload the binary to an air gapped sandbox for analysis. An air gapped sandbox is an isolated environment that has no connection to any external network or system. Uploading the binary to an air gapped sandbox can prevent any communication or interaction between the binary and the attackers, as well as any potential harm or infection to other systems or networks. An air gapped sandbox can also allow the analyst to safely analyze and observe the behavior, functionality, or characteristics of the binary.

Latest CS0-003 Dumps Valid Version with 128 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Exit mobile version