Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Which of these give a malware analyst a "static" view of the malware internals?
String Search
All of these
Hex Editor
Disassembler
I'm not sure. For static analysis both Disasembler and Hex Editor are valuable. Also, if you use the debugger to inspect the code and see the psudo-C analysis (with IDA PRo for example) and not run the malware, you are performing an static analysis. So I would say "All of these" EDIT: A few examples of static malware analysis includes: scanning with anti-virus software, looking at the malware with a hex editor, unpacking the malware, performing a strings search and disassembling the malware. See the abstract at https://www.sans.org/reading-room/whitepapers/malicious/malware-analysis-introduction-2103 . So I changed the answer to All of these. EDIT Spike60: Hmmm, not so sure, how can string search help if you don't know what you are looking for? The other 2 seem reasonable assertions but I cannot see how string search helps. Whoever wrote this should provide an example.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.