A forensic analyst suspects that a buffer overflow exists in a kernel module. The analyst executes the following command: 

However, the analyst is unable to find any evidence of the running shell. Which of the following of the MOST likely reason the analyst cannot find a process ID for the shell? 

Answer options:

A. The NX bit is enabled
B. The system uses ASLR
C. The shell is obfuscated
D. The code uses dynamic libraries

C