Which malware investigation approach provides a detailed log of a system’s file system, network, registry and process activities?
The investigation approach that provides a detailed log of a system's file system, network, registry, and process activities is Continuous monitoring. This method involves continuously recording activities and changes on the system, allowing for a comprehensive log that can be analyzed for malware behavior.
Answer is "B". The Process Monitor is a tool that does Continuous Recording/Monitoring.
Reference: 1-86,89
Only two types: Continuous and Snapshot. Snapshot is the correct answer.
Answer is D - Snapshot.