Do you know that you can access more real exam questions via Premium Access? ()
You notice that taskeng.exe is one of the processes involved in a detection. What activity should you investigate next?
Answer : C
According to the [Microsoft website], taskeng.exe is a legitimate Windows process that is responsible for running scheduled tasks. However, some malware may use this process or create a fake one to execute malicious code. Therefore, if you notice taskeng.exe involved in a detection, you should investigate whether there are any scheduled tasks registered prior to the detection that may have triggered or injected into taskeng.exe. You can use tools such as schtasks.exe or Task Scheduler to view or manage scheduled tasks.
Where can you find hosts that are in Reduced Functionality Mode?
When reviewing a Host Timeline, which of the following filters is available?
In the "Full Detection Details", which view will provide an exportable text listing of events like DNS requests. Registry Operations, and Network Operations?
When looking at the details of a detection, there are two fields called Global Prevalence and Local Prevalence. Which answer best defines Local Prevalence?