A security analyst identified some potentially malicious processes after capturing the contents of memory from a machine during incident response.
Which of the following procedures is the NEXT step for further investigation?
A. Data carving
B. Timeline construction
C. File cloning
D. Reverse engineering
Answer: D
Explanation:
Reverse engineering is a process of analyzing a system or a component to understand how it works and how it was made. Reverse engineering can be used to examine malicious processes captured from memory and determine their functionality, origin, and purpose. Reverse engineering can help identify the type of malware, its infection vector, its capabilities, its communication methods, and its indicators of compromise [2].
Reference: [2] Reverse Engineering Malware 101 | Malwarebytes Labs