During the collection of forensic evidence, which of the following actions would MOST likely result in the des

adminJanuary 30, 2019

During the collection of forensic evidence, which of the following actions would MOST likely result in the destruction or corruption of evidence on a compromised system?

A. Dumping the memory content to a file

B. Generating disk images of the compromised system

C. Rebooting the system

D. Removing the system from the network

Explanation:

Rebooting the system may result in a change in the system state and the loss of files and important evidence stored in memory. The other choices are appropriate actions for preserving evidence.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISACA Exam Questions

Free ISACA Study Guide

During the collection of forensic evidence, which of the following actions would MOST likely result in the des

Leave a Reply Cancel reply