Ann, a member of the finance department at a large corporation, has submitted a suspicious email she received to the information security team. The team was not expecting an email from Ann, and it contains a PDF file inside a ZIP compressed archive. The information security team is not sure which files were opened. A security team member uses an air-gapped PC to open the ZIP and PDF, and it appears to be a social engineering attempt to deliver an exploit.
Which of the following would provide greater insight on the potential impact of this attempted attack?
- A.Run an antivirus scan on the finance PC.
- B.Use a protocol analyzer on the air-gapped PC.
- C.Perform reverse engineering on the document.
- D.Analyze network logs for unusual traffic.
- E.Run a baseline analyzer against the user's computer.