GREM 무료 덤프문제 온라인 액세스

Which techniques are used by malware to misdirect analysts and evade reverse engineering?
(Choose two)

• A.Control flow obfuscation
• B.Debugger detection
• C.Stack frame manipulation
• D.Cross-platform compatibility

What is the purpose of analyzing embedded scripts in a PDF file?

• A.To identify potentially malicious code
• B.To enhance the visual presentation of the PDF
• C.To improve the compression of the PDF file
• D.To correct typos in the PDF text

What is the primary purpose of using a disassembler in reverse engineering malware?

• A.To decrypt encoded strings
• B.To modify the malware's behavior
• C.To translate machine code into human-readable assembly code
• D.To observe runtime behavior of the malware

You are analyzing malware and notice a complex sequence of conditional branches and JMP instructions. The malware seems to randomly alter its execution flow based on certain conditions.
What steps should you take to fully understand its behavior? (Choose three)

• A.Step through the code in a debugger to observe how each condition is handled.
• B.Trace the instructions executed before and after each JMP instruction.
• C.Modify the malware's code to disable all JMP instructions.
• D.Analyze the malware's memory during execution to observe the effects of conditional statements.
• E.Run the malware in a sandbox environment to observe its network traffic.

When analyzing a ransomware sample you find code referencing CryptDeriveKey. What does this indicate?

• A.Persistence payload
• B.VM introspection
• C.Encryption routine
• D.Code signing