An IT security analyst at a financial institution has been tasked to inspect a suspected compromised workstation after several employees reported unusual activity. The analyst needs to verify if a keylogger software is installed on the system. Which of the following actions is MOST effective in determining the presence of keylogging software on the workstation?
Check for unusual file permissions on critical system files and directories.
Review the list of running processes and installed programs on the system.
Ensure that the operating system and security software are up to date with the latest patches.
Examine outbound network traffic for transmission of sensitive data to unauthorized destinations.