CompTIA Security+ (SY0-601) — Question 336

A security operations center wants to implement a solution that can execute files to test for malicious activity. The solution should provide a report of the files' activity against known threats. Which of the following should the security operations center implement?

Answer options

• A. the Harvester
• B. Nessus
• C. Cuckoo
• D. Sn1per

Correct answer: C

Explanation

Cuckoo is specifically designed for malware analysis and can execute files in a controlled environment to observe their behavior, generating detailed reports about any malicious activity. The other options, such as Nessus and Sn1per, are primarily vulnerability scanners and penetration testing tools, which do not focus on executing files for malware testing.