اضغط هنا للانضمام الى قروب فوجي للإختبارات على تيليقرام

اختبار شهادة محلل الأمن السيبراني CompTIA CySA+

السؤال 50 من 1101

كل الأسئلة

A threat hunter seeks to identify new persistence mechanisms installed in an organization’s environment. In collecting scheduled tasks from all enterprise workstations, the following host details are aggregated:
The hunter would like to discreetly gather an understanding of the suspect binary functionality. Which of the following actions should the hunter perform first based on the details above?

الخيارات

  • A Acquire and detonate a copy of taskhw.exe from the impacted host.
  • B Scan the enterprise to identify other systems with taskhw.exe present.
  • C Perform a public search for malware reports on taskhw.exe.
  • D Change the account that runs the taskhw.exe scheduled task.

النقاشات

لا توجد نقاشات منشورة لهذا السؤال حالياً.