Notifications
Clear all
Topic starter
15/06/2022 6:09 am
A user receives a potentially malicious email that contains spelling errors and a PDF document. A security analyst reviews the email and decides to download the attachment to a Linux sandbox for review.
Which of the following commands would MOST likely indicate if the email is malicious?
- A . sha256sum ~/Desktop/file.pdf
- B . file ~/Desktop/file.pdf
- C . strings ~/Desktop/file.pdf | grep "<script"
- D . cat < ~/Desktop/file.pdf | grep -i .exe
Suggested Answer: A