A forensic analyst examines a Linux system and finds entries in /proc/[pid]/maps showing memory regions marked 'rwx'. Why is this significant?
-
A
Regions with read-write-execute permissions may contain injected shellcode
-
B
This is normal for shared libraries loaded by processes
-
C
It indicates the process is using encrypted memory
-
D
rwx regions are standard for JIT-compiled applications only