An organization's Chief Financial Officer (CFO) was recently the target of several different social engineering attacks.
The CFO has subsequently worked closely with the Chief Information Security Officer (CISO) to increase awareness of what attacks may look like.
An unexpected email arrives in the CFO's inbox from a familiar name with an attachment.
Which of the following should the CISO task a security analyst with to determine whether or not the attachment is safe?
Correct answer: A
Given that the CFO has been targeted by social engineering attacks in the past, it is essential to ensure the safety of any email attachments received, especially those that are unexpected.
A. Placing the attachment in a malware sandbox would be the most appropriate option to determine if the attachment is safe or not. A malware sandbox is a secure, isolated environment where the attachment can be executed to see if it behaves maliciously or performs any unwanted actions. If the attachment is found to be malicious, the sandbox can help prevent it from infecting the system or network.
B. Performing a code review of the attachment would require a technical understanding of the code contained within the attachment. This approach is time-consuming and may not be effective, as attackers may use obfuscation techniques to hide the malicious code.
C. Conducting a memory dump of the CFO's computer would not be a suitable approach, as it would not provide any information about the safety of the attachment. It would only provide information about the current state of the CFO's computer's memory.
D. Running a vulnerability scan on the email server would also not be an effective method of determining the safety of the attachment. A vulnerability scan identifies vulnerabilities in software and systems, but it would not be able to determine whether the attachment is malicious or not.
Therefore, the most appropriate option for the CISO to task a security analyst with would be to place the attachment in a malware sandbox to determine if it is safe or not.