What is a typical behavior Threat Emulation would detect as malicious?

Posted by: Pdfprep Category: 156-730 Tags: , , Post Date: November 29, 2020

You analyze your Threat Prevention events in SmartEvent and there is one specific event with a PDF-document you suspect being malicious.

What is a typical behavior Threat Emulation would detect as malicious?

When the PDF is opened in VM:
A . it tries to open in Acrobat Reader.
B . there are no changes to the registry.
C . it opens with Administrator privileges.
D . there is an outgoing network connection.

Answer: D

Author

Leave a Reply

Your email address will not be published.