ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 563 discussion

Actual exam question from CompTIA's CAS-004
Question #: 563
Topic #: 1
[All CAS-004 Questions]

Due to reports of malware targeting companies in the same industry, an organization wants to develop a comprehensive list of IoCs to determine if the systems might be affected in a similar attack. Which of the following would be best to use to develop this list?

  • A. Simulators
  • B. Sandbox detonation
  • C. Antivirus
  • D. Endpoint detection and response
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Bright07 at Dec. 24, 2024, 11:16 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Bright07
2 weeks, 3 days ago
Selected Answer: B
Sandbox detonation is the most appropriate option for developing a comprehensive list of Indicators of Compromise (IoCs) as it allows for in-depth analysis of malware behavior and the extraction of all relevant IoCs. These IoCs can then be used to detect if similar attacks or malware variants are present within the organization’s environment. By detonating the malware in a sandbox environment, security teams can capture all relevant IoCs associated with the malware, allowing them to detect whether the same attack or variant might be targeting their organization. Therefore, the correct answer is B. Sandbox detonation.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago