Last Updated on February 5, 2022 by Admin 2
Why would an incident handler acquire memory on a system being investigated?
- To determine whether a malicious DLL has been injected into an application
- To identify whether a program is set to auto-run through a registry hook
- To list which services are installed on they system
- To verify which user accounts have root or admin privileges on the system