• Post author:
  • Post category:SEO
  • Reading time:2 mins read
  • Post last modified:June 12, 2024

A system administrator runs a file scan utility on a Windows PC and notices a file lsass.exe in the Program Files directory. What should the administrator do?

  • Delete the file because it is probably malware.
  • Move it to Program Files (x86) because it is a 32bit application.
  • Open the Task Manager, right-click on the lsass process and choose End Task .
  • Uninstall the lsass application because it is a legacy application and no longer required by Windows.
Answers Explanation & Hints:

On Windows computers, security logging and security policies enforcement are carried out by the Local Security Authority Subsystem Service (LSASS), running as lsass.exe. It should be running from the Windows\System32 directory. If a file with this name, or a camouflaged name, such as 1sass.exe, is running or running from another directory, it could be malware.

For more Questions and Answers:

CyberOps Associate 1.02 & CA v1.0 Modules 24 – 25: Protocols and Log Files Group Exam Answers Full 100%

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments