A security analyst has a sample of malicious software and needs to know what the sample does. The analyst runs the sample in a carefully-controlled and monitored virtual machine to observe the software's behavior. The approach of malware analysis can BEST be described as:

Which of the following items is NOT included on your snapshot?

A) Profession B) Messages C) Education D) Previous employment

Which of the following is not true of Sysprep?

a. Sysprep can be used to prepare an installed computer so it can be duplicated as an image. b. Sysprep comes with an image suitable for deployment. c. Sysprep removes the original SIDs from the duplicated image. d. Sysprep can be used for upgrading computers running older versions of Windows to Windows 7.