CompTIA CySA+ (CS0-002) — Question 320

A security analyst is reviewing malware files without running them. Which of the following analysis types is the security analyst using?

Answer options

• A. Dynamic
• B. Sandbox
• C. Static
• D. Heuristic

Correct answer: C

Explanation

The correct answer is C, Static analysis, because it involves examining the malware's code and properties without execution. Dynamic analysis, on the other hand, requires running the malware to observe its behavior, while sandbox analysis typically refers to a controlled environment for dynamic analysis. Heuristic analysis involves detecting malware based on behavior patterns and characteristics rather than code examination.