Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam 212-89 Topic 3 Question 55 Discussion

Actual exam question for Eccouncil's 212-89 exam
Question #: 55
Topic #: 3
[All 212-89 Questions]

John is performing memory dump analysis in order to find out the traces of malware.

He has employed volatility tool in order to achieve his objective.

Which of the following volatility framework commands he will use in order to analyze running process from the memory dump?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Lina at Apr 29, 2024, 09:17 PM

Limited Time Offer

25%

Off

Get Premium 212-89 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Quentin
1 years ago
So, option B fits best for analyzing running processes.
upvoted 0 times
...
Charolette
1 years ago
Yes, and imageinfo provides memory image information.
upvoted 0 times
...
Salome
1 years ago
Yeah, hivelist is for registry, right?
upvoted 0 times
...
Peter
1 years ago
I think the answer is B. pslist is for running processes.
upvoted 0 times
...
Quentin
1 years ago
Agreed, you need to know Volatility commands well.
upvoted 0 times
...
Salome
1 years ago
This exam question looks tricky.
upvoted 0 times
...

Save Cancel