Eccouncil Exam 312-49 Topic 1 Question 72 Discussion

Actual exam question for Eccouncil's 312-49 exam

Question #: 72
Topic #: 1

An investigator Is examining a file to identify any potentially malicious content. To avoid code execution and still be able to uncover hidden indicators of compromise (IOC), which type of examination should the investigator perform:

AThreat hunting

BThreat analysis

CStatic analysis

DDynamic analysis

Show Suggested Answer

Suggested Answer: D

by Myra at Nov 14, 2024, 12:07 PM

Limited Time Offer

25%

Off

Get Premium 312-49 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Rickie

3 days ago

But wouldn't threat hunting be more proactive in identifying potential threats?

upvoted 0 times

...

Daisy

4 days ago

I agree with Zana, static analysis can uncover hidden indicators of compromise without executing any code.

upvoted 0 times

...

Geoffrey

4 days ago

I'd have to go with C) Static analysis as well. Wouldn't want to end up like that guy who tried dynamic analysis and ended up with a computer that was more malware than machine.

upvoted 0 times

...

Izetta

12 days ago

I'd have to agree with Janine on this one. Static analysis is the way to go if you want to avoid any nasty surprises. Definitely don't want to be the one who unleashes a virus on the system, right?

upvoted 0 times