Eccouncil Exam 312-49 Topic 1 Question 72 Discussion

Actual exam question for Eccouncil's 312-49 exam

Question #: 72
Topic #: 1

An investigator Is examining a file to identify any potentially malicious content. To avoid code execution and still be able to uncover hidden indicators of compromise (IOC), which type of examination should the investigator perform:

AThreat hunting

BThreat analysis

CStatic analysis

DDynamic analysis

Show Suggested Answer

Suggested Answer: D

by Myra at Nov 14, 2024, 12:07 PM

Limited Time Offer

25%

Off

Get Premium 312-49 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Rickie

1 months ago

But wouldn't threat hunting be more proactive in identifying potential threats?

upvoted 0 times

...

Daisy

1 months ago

I agree with Zana, static analysis can uncover hidden indicators of compromise without executing any code.

upvoted 0 times

...

Geoffrey

1 months ago

I'd have to go with C) Static analysis as well. Wouldn't want to end up like that guy who tried dynamic analysis and ended up with a computer that was more malware than machine.

upvoted 0 times

Darrin

10 days ago

Static analysis is a good choice for uncovering hidden indicators of compromise.

upvoted 0 times

...

Stevie

12 days ago

I think dynamic analysis can be risky if not done carefully.

upvoted 0 times

...

Fletcher

16 days ago

Threat hunting could also be useful in this situation.

upvoted 0 times

...

Lenny

19 days ago

I agree, static analysis is definitely the safer option.

upvoted 0 times

...

Izetta

1 months ago

I'd have to agree with Janine on this one. Static analysis is the way to go if you want to avoid any nasty surprises. Definitely don't want to be the one who unleashes a virus on the system, right?

upvoted 0 times