A security analyst is analyzing a suspicious PE file. Using a hex editor, the analyst sees the ASCII string 'MZ' at the beginning. What does this indicate?
Correct. 'MZ' is the PE signature.
Why this answer
The 'MZ' magic bytes (0x4D 0x5A) are the signature of a Portable Executable (PE) file, indicating it is a Windows executable. This is the first step in file identification.