CompTIA Advanced Security Practitioner (CASP) Question 42

A company wants to perform analysis of a tool that is suspected to contain a malicious payload. A forensic analyst is given the following snippet:

^32^[34fda19(fd^43gfd/home/user/lib/module.so.343jk^rfw(342fds43g

Which of the following did the analyst use to determine the location of the malicious payload?

A. Code deduplicators
B. Binary reverse-engineering
C. Fuzz testing
D. Security containers

Correct Answer: B