CompTIA CySA+ (CS0-001) — Question 168
A security analyst receives a mobile device with symptoms of a virus infection. The virus morphs whenever it is moved from sandbox to sandbox for analysis. Which of the following will help to identify the number of variations through the analysis life cycle?
Answer options
- A. Journaling
- B. Hashing utilities
- C. Log viewers
- D. OS and process analysis
Correct answer: D
Explanation
The correct answer, D, involves analyzing the operating system and processes to uncover how the virus operates and evolves. This analysis can reveal different variations of the malware. Options A, B, and C do not specifically focus on the behavioral analysis of the virus and its transformations, making them less effective for this purpose.