🔥 3-day streak
CompTIA SecurityX (CAS-005)30 / 120
Question 30 of 120
During an enterprise incident, an analyst recovers a suspicious executable from a compromised finance workstation. The malware appears heavily packed, and static string extraction reveals only obfuscated data. The IR team needs to determine the file's command-and-control infrastructure and file-system modifications as quickly as possible while preserving the ability to attribute behavior to the sample. Which approach best meets these requirements?
Reviewed for accuracy · Report an issueNext question