A security researcher wants to reverse engineer an executable file to determine if it is malicious.
The file was found on an underused server and appears to contain a zero-day exploit. Which of
the following can the researcher do to determine if the file is malicious in nature?
A. TCP/IP socket design review
B. Executable code review
C. OS Baseline comparison
D. Software architecture review