{"id":3713,"date":"2023-12-03T18:56:49","date_gmt":"2023-12-03T18:56:49","guid":{"rendered":"https:\/\/exampracticetests.com\/c\/SY0-601\/comptia-security-sy0-601-question487\/"},"modified":"2023-12-03T18:56:49","modified_gmt":"2023-12-03T18:56:49","slug":"comptia-security-sy0-601-question487","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/c\/SY0-601\/comptia-security-sy0-601-question487\/","title":{"rendered":"CompTIA Security+ SY0-601 &#8211; Question487"},"content":{"rendered":"<div class=\"question\">A digital forensics team at a large company is investigating a case in which malicious code was downloaded<br \/>\nover an HTTPS connection and was running in memory, but was never committed to disk. Which of the<br \/>\nfollowing techniques should the team use to obtain a sample of the malware binary?<br \/>\n<br \/><strong><br \/>A.<\/strong> pcap reassembly<br \/><strong>B.<\/strong> SSD snapshot<br \/><strong>C.<\/strong> Image volatile memory<br \/><strong>D.<\/strong> Extract from checksums<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>C<\/strong><\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>A digital forensics team at a large company is investigating a case in which malicious code was downloaded over an HTTPS connection and was running in memory, but was never committed to disk. Which of the following techniques should the team use to obtain a sample of the malware binary? A. pcap reassemblyB. SSD snapshotC. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,490],"class_list":["post-3713","post","type-post","status-publish","format-standard","hentry","category-comptia-security-sy0-601","tag-comptia-security-sy0-601","tag-question-487"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/posts\/3713","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/comments?post=3713"}],"version-history":[{"count":0,"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/posts\/3713\/revisions"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/media?parent=3713"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/categories?post=3713"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/tags?post=3713"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}