A security professional discovers a new ransomware strain that disables antivirus on the endpoint during an infection. Which location would be the BEST place for the security professional to find technical information about this malware?
A.
Threat intelligence feeds
B.
Computer emergency response team (CERT) press releases
A. Threat intelligence feeds
Explanation:
Threat intelligence feeds provide up-to-date technical details about emerging malware, including indicators of compromise (IoCs), attack vectors, and remediation techniques.
Why the other answers are less suitable:
B. Computer emergency response team (CERT) press releases: CERT may release information about major incidents or vulnerabilities, but their reports are generally broader and less focused on detailed technical analysis of specific malware strains.
C. Vulnerability databases: These databases, such as the National Vulnerability Database (NVD), catalog known software vulnerabilities.
D. Social network sites: are not reliable or authoritative sources for technical malware analysis.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
044f354
2 months, 4 weeks ago