Which description of a retrospective maKvare detection is true?

Which description of a retrospective maKvare detection is true?
A. You use Wireshark to identify the malware source.
B. You use historical information from one or more sources to identify the affected host or file.
C. You use information from a network analyzer to identify the malware source.
D. You use Wireshark to identify the affected host or file.

SHOW ANSWERS

5 thoughts on “Which description of a retrospective maKvare detection is true?”

B – Key word is retrospective which means looking back, i.e. historical as per Ray

B. You use historical information from one or more sources to identify the affected host or file.
is the correct answer, Look at the definition of retrospective = from history

i think the answer is D

Ray says:

03/16/2018 at 7:47 PM

Don’t think, look into the book or google or NIST docs

Reply
1. Johnny Appleseed says:
  
  03/17/2018 at 3:24 PM
  
  Agree with Ray! Can’t just guess at answers….. need to understand the questions fully as well as all the possible answers! When you get to that point, some answers don’t even make sense.
  
  Reply

5 thoughts on “Which description of a retrospective maKvare detection is true?”

Leave a Reply Cancel reply