CAS-005
Security Operations
medium
Question 6 of 22

A SOC analyst is investigating a suspected intrusion. The analyst discovers an executable that was not detected by the endpoint protection tool. The analyst wants to analyze its behavior in a controlled environment without risking production systems. Which technique BEST supports this goal?

A. Run the executable on the analyst's workstation with the network cable unplugged
B. Submit the executable to a malware sandboxing service for dynamic behavioral analysis
C. Search for the file hash in the CVE database
D. Perform static code signing verification of the executable

Educational Content: CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent: not actual exam questions, not affiliated with any certification vendor.
