A help-desk technician receives an unfamiliar Windows executable as an email attachment. The file needs to be analyzed for possible malware, but the technician must avoid any chance of infecting the corporate network. Which of the following approaches is BEST for safely testing the file?
Execute the file inside an isolated sandbox or virtual machine that is disconnected from production networks.
Forward the email to all staff and ask them to report any issues after opening the file.
Upload the attachment to a shared network folder so multiple users can test it simultaneously.
Temporarily disable the workstation's antivirus software and run the file on the desktop.
Running the executable in an isolated sandbox or virtual machine keeps the code completely separated from production resources, allowing behavioral analysis without endangering the host workstation or network. Disabling antivirus and running the file on the desktop, or placing it in a shared network folder, exposes live systems to potential infection, and forwarding the file to end users multiplies that risk instead of containing it.