Understanding Cisco Cybersecurity Fundamentals (SECFND, legacy) — Question 91

When investigating a malicious Windows application, which two Windows components that are associated with the application will also need to be investigated?
(Choose two.)

Answer options

Correct answer: A, C

Explanation

Threads and processes are critical components of how applications operate in Windows. Investigating these elements helps to understand the execution and behavior of the malicious application, while DLLs and kernel object handles, while important, do not provide the same level of insight into the application's runtime behavior.