Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 130

A malicious file has been identified in a sandbox analysis tool.
Which piece of information is needed to search for additional downloads of this file by other hosts?

Answer options

• A. file type
• B. file size
• C. file name
• D. file hash value

Correct answer: D

Explanation

The correct answer is D, file hash value, because it provides a unique identifier for the file, allowing for precise searches across different systems. Options A, B, and C do not ensure uniqueness and could lead to false positives, as multiple files can share the same type, size, or name.