Chong-lee, a forensics executive, suspects that malware is continuously making copies of files and folders on a victim system to consume the available disk space. What type of test would confirm his claim?
Dynamic analysis involves observing the system in real time to monitor its behavior and interactions, which includes detecting any continuous file and folder copying by malware to consume disk space. This would allow Chong-lee to confirm his suspicion by examining the active file operations and changes occurring within the system.
Why not dynamic analysis? We could view the mentioned copies.
It is 100% possible with dynamic analysis. I would go with D.
File fingerprinting when Chong-lee doesn't know the file seems incorrect. Dynamic analysis to find live file duplication would be the correct answer.