Certified Information Systems Security Professional (CISSP) — Question 297

What is static analysis intended to do when analyzing an executable file?

Answer options

• A. Search the documents and files associated with the executable file.
• B. Analyze the position of the file in the file system and the executable file's libraries.
• C. Collect evidence of the executable file's usage, including dates of creation and last use.
• D. Disassemble the file to gather information about the executable file's function.

Correct answer: D

Explanation

The correct answer is D because static analysis involves disassembling the executable file to understand its internal workings and functions. Options A, B, and C focus on file associations, file system attributes, and usage evidence, which do not pertain to the core purpose of static analysis.