- What are some of the data points that can be found via memory analysis?
A) Running processes
B) Network connection
C) Command history
D) All of the above
- What is not part of the network connections methodology?
A) Process name
B) Parent process ID
C) Check for signs of a rootkit
D) Associated entities
- Dumping files associated with a process will never introduce malware to a responder's system.
A) True
B) False
- One of the primary goals of memory analysis is to acquire malicious processes or executables for further analysis.
A) True
B) False