Discussion
Question 1. In one of your readings for this week the authors describe "malicious code detection as an obfuscation-deobfuscation game" -- why?
Give two examples of how malware may try to hide itself on an asset.
Question 2. Give an example of an incident where it was discovered that a RAT was found in a corporate network.
Identify one method a forensic investigator may use to identify a potential RAT program?