A company wants to perform analysis of a tool that is suspected to contain a malicious payload. A forensic analyst is given the following snippet: ^32^[34fda19 (fd^43gfd/home/user/lib/module.so.343jk^rfw(342fds43g ‘
Which of the following did the analyst use to determine the location of the malicious payload?
A. Code deduplicators
B. Binary reverse-engineering
C. Fuzztesting
D. Security containers
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
A code deduplication removes multiple lines of the same code, this is not the output.
Binary revers engineering could possibly result in this kind of information.
Fuzztesting is a completely random output. There’s clearly structure here, so not this.
Security Containers are isolated code, and nothing like this.
Answer B