اختبار شهادة محلل الأمن السيبراني CompTIA CySA+

An analyst receives an alert from the EDR indicating a user has downloaded a malicious file
that is attempting to compromise the laptop. The analyst gathers the following information after
isolating the machine to determine which file was in fact malicious:
File Name Hash
zipcontainer.dll 6C635BF98BD79102F6096458572...
xwizard.dtd 20052F52C677845A63B2436952E...
svch0st.exe 0AD27DC6B692903C4E129B1AD7...
Which of the following techniques is the analyst using to identify the files?