Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-49v10 All Questions

View all questions & answers for the 312-49v10 exam
Go to Exam

Exam 312-49v10 topic 1 question 825 discussion

Actual exam question from ECCouncil's 312-49v10
Question #: 825
Topic #: 1
[All 312-49v10 Questions]

In a computer forensics investigation, an investigator is dealing with a system that has been recently shut down. The data they need is of a non-volatile nature. Which type of data acquisition methodology should the investigator adopt in this scenario and why?

  • A. The investigator should not perform any data acquisition as the system is already powered off
  • B. The investigator should use either live or dead data acquisition as both methods can collect non-volatile data from the system
  • C. The investigator should use live data acquisition since it is intended to capture dynamic data from the computer's memory, caches, and registries
  • D. The investigator should use dead data acquisition because it is designed to collect unaltered data from storage devices such as hard drives and USB thumb drives
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Elb at May 29, 2024, 6:23 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Elb
6 months ago
Selected Answer: D
Dead acquisition is defined as the acquisition of data from a suspect machine that is powered off. Dead acquisition usually involves acquiring data from storage devices such hard drives, DVD-ROMs, USB drives, flash cards, and smart phones
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel