- Home
- EC-COUNCIL
- EC Council Certified Incident Handler (ECIH v3)
- EC-COUNCIL.212-89.v2024-08-30.q74
- Question 59
Valid 212-89 Dumps shared by ExamDiscuss.com for Helping Passing 212-89 Exam! ExamDiscuss.com now offer the newest 212-89 exam dumps, the ExamDiscuss.com 212-89 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 212-89 dumps with Test Engine here:
Access 212-89 Dumps Premium Version
(174 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 59/74
Marley was asked by his incident handling and response (IH&R) team lead to collect volatile datasuch as system information and network information present in the registries, cache, and RAM of victim's system.
Identify the data acquisition method Marley must employ to collect volatile data.
Identify the data acquisition method Marley must employ to collect volatile data.
Correct Answer: C
Live data acquisition is the process of collecting volatile data from a system that is still running. Volatile data includes information stored in system memory (RAM), cache, and system and network configuration settings that are lost when the system is powered off. This method is essential for capturing data that can provide insights into the state of the system at the time of an incident, including active network connections, running processes, and the contents of memory. Marley must employ live data acquisition to ensure that this crucial and ephemeral data is not lost, which can be pivotal in understanding and responding to the incident effectively.
References:The concept of live data acquisition is discussed in the ECIH v3 certification program by EC-Council, which emphasizes its importance in the context of incident handling and response for capturing volatile information that could be critical to the investigation.
References:The concept of live data acquisition is discussed in the ECIH v3 certification program by EC-Council, which emphasizes its importance in the context of incident handling and response for capturing volatile information that could be critical to the investigation.
- Question List (74q)
- Question 1: Rica works as an incident handler for an international compa...
- Question 2: Which of the following is a volatile evidence collecting too...
- Question 3: Robert is an incident handler working for Xsecurity Inc. One...
- Question 4: Which of the following is NOT part of the static data collec...
- Question 5: Which of the following has been used to evade IDS and IPS?...
- Question 6: An attack on a network is BEST blocked using which of the fo...
- Question 7: Which of the following is a term that describes the combinat...
- Question 8: QualTech Solutions is a leading security services enterprise...
- Question 9: Elizabeth, who works for OBC organization as an incident res...
- Question 10: Stenley is an incident handler working for Texa Corp. locate...
- Question 11: Which of the following is an attack that occurs when a malic...
- Question 12: An insider threat response plan helps an organization minimi...
- Question 13: QualTech Solutions is a leading security services enterprise...
- Question 14: Alexis works as an incident responder at XYZ organization. S...
- Question 15: Alice is a disgruntled employee. She decided to acquire crit...
- Question 16: Allan performed a reconnaissance attack on his corporate net...
- Question 17: Ikeo Corp, hired an incident response team to assess the ent...
- Question 18: Which of the following is an attack that attempts to prevent...
- Question 19: In which of the following phases of the incident handling an...
- Question 20: ZYX company experienced a DoS/DDoS attack on their network. ...
- Question 21: Jason is setting up a computer forensics lab and must perfor...
- Question 22: Matt is an incident handler working for one of the largest s...
- Question 23: Robert is an incident handler working for Xsecurity Inc. One...
- Question 24: Which of the following does NOT reduce the success rate of S...
- Question 25: Bob, an incident responder at CyberTech Solutions, is invest...
- Question 26: Shally, an incident handler, is working for a company named ...
- Question 27: Identify Sarbanes-Oxley Act (SOX) Title, which consists of o...
- Question 28: Michael is a part of the computer incident response team of ...
- Question 29: Which of the following GPG18 and Forensic readiness planning...
- Question 30: Rose is an incident-handling person and she is responsible f...
- Question 31: Which of the following information security personnel handle...
- Question 32: Auser downloaded what appears to be genuine software. Unknow...
- Question 33: Which of the following is a type of malicious code or softwa...
- Question 34: Joseph is an incident handling and response (IH&R) team ...
- Question 35: Which of the following options describes common characterist...
- Question 36: In which of the following phases of incident handling and re...
- Question 37: BadGuy Bob hid files in the slack space, changed the file he...
- Question 38: Which of the following terms refers to the personnel that th...
- Question 39: An attacker after performing an attack decided to wipe evide...
- Question 40: Darwin is an attacker residing within the organization and i...
- Question 41: Ross is an incident manager (IM) at an organization, and his...
- Question 42: Which of the following risk management processes identifies ...
- Question 43: Miko was hired as an incident handler in XYZ company. His fi...
- Question 44: Which of the following is not called volatile data?...
- Question 45: Stanley works as an incident responder at a top MNC based ou...
- Question 46: Ren is assigned to handle a security incident of an organiza...
- Question 47: You are a systems administrator for a company. You are acces...
- Question 48: Nervous Nat often sends emails with screenshots of what he t...
- Question 49: Oscar receives an email from an unknown source containing hi...
- Question 50: Smith employs various malware detection techniques to thorou...
- Question 51: What is the most recent NIST standard for incident response?...
- Question 52: Racheal is an incident handler working in InceptionTech orga...
- Question 53: Which of the following details are included in the evidence ...
- Question 54: Which of the following is the ECIH phase that involves remov...
- Question 55: Eve's is an incident handler in ABC organization. One day, s...
- Question 56: Employee monitoring tools are mostly used by employers to fi...
- Question 57: Which of the following is a standard framework that provides...
- Question 58: You are talking to a colleague who Is deciding what informat...
- Question 59: Marley was asked by his incident handling and response (IH&a...
- Question 60: Which of the following risk mitigation strategies involves e...
- Question 61: Richard is analyzing a corporate network. After an alert in ...
- Question 62: John is a professional hacker who is performing an attack on...
- Question 63: Khai was tasked with examining the logs from a Linux email s...
- Question 64: Which of the following terms refers to an organization's abi...
- Question 65: Adam is an incident handler who intends to use DBCC LOG comm...
- Question 66: Dan is a newly appointed information security professional i...
- Question 67: Which of the following is a common tool used to help detect ...
- Question 68: Michael is an incident handler at CyberTech Solutions. He is...
- Question 69: An incident handler is analyzing email headers to find out s...
- Question 70: Which of the following techniques helps incident handlers to...
- Question 71: Alex is an incident handler for Tech-o-Tech Inc. and is task...
- Question 72: During the vulnerability assessment phase, the incident resp...
- Question 73: Which of the following are malicious software programs that ...
- Question 74: Shiela is working at night as an incident handler. During a ...
