9

Practice Questions

Network Forensics Practice QuestionsAdvanced Network Forensics Practice QuestionsAdvanced Network Forensics FTP Hydra Crack Practice QuestionsAdvanced Network Forensics Telnet Hydra Crack Practice QuestionsSIEM Practice QuestionsIncident Response Practice QuestionsLive Forensics Practice QuestionsDLP Regex Practice QuestionsSplunk Practice Questions

Live Forensics Practice Questions

Unit 5 - Introduction to Live Forensics & Toolkit

Last Update Unknown

Live Forensics Practice Questions

Q1: Why do we need Live Memory Forensics/Live Response?

Select one or more:

  • Help conserve the resource
  • Be good for responding to reported incidents in multi-campus networks
  • Don't leave a footprint on memory
  • Could be read the contents of a mounted encrypted drive in plaintext.
Reveal Answer

The correct answers are:

  • Help conserve the resource
  • Be good for responding to reported incidents in multi-campus networks
  • Could be read the contents of a mounted encrypted drive in plaintext.

Q2: What are the disadvantages of Live Response?

Select one or more:

  • Live response is not repeatable
  • Investigators cannot ask new questions later
  • First Responder toolkit may rely on OS API
  • Not scalable to large networks
  • Cause interruption to high-value e-commerce and critical systems
Reveal Answer

The correct answers are:

  • Live response is not repeatable
  • Investigators cannot ask new questions later
  • First Responder toolkit may rely on OS API

Q3: Please put the following steps in the correct order.

Select one or more:

  • System date and time
  • Open files
  • Schedule tasks
  • All running processes
  • Logged-on user information
Reveal Answer

The correct answers are:

  • System date and time
  • Logged-on user information
  • All running processes
  • Open files
  • Schedule tasks