Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 212-89 Exam - Topic 4 Question 47 Discussion

Actual exam question for Eccouncil's 212-89 exam
Question #: 47
Topic #: 4
[All 212-89 Questions]

Farheen is an incident responder at reputed IT Firm based in Florid

a. Farheen was asked to investigate a recent cybercrime faced by the organization. As part of this process, she collected static data from a victim system. She used DD tool command to perform forensic duplication to obtain an NTFS image of the original disk. She created a sector-by-sector mirror imaging of the disk and saved the output image file as image.dd.

Identify the static data collection process step performed by Farheen while collecting static data.

Show Suggested Answer Hide Answer
Suggested Answer: A

by Deandrea at Aug 10, 2023, 10:25 PM

Limited Time Offer

25%

Off

Get Premium 212-89 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Maryann
6 months ago
Are we sure this is the right process? Seems off.
upvoted 0 times
...
Jettie
6 months ago
Wow, I didn't know you could save it as image.dd!
upvoted 0 times
...
Walton
7 months ago
I thought it was more about physical presentation?
upvoted 0 times
...
Victor
7 months ago
Definitely a system preservation step!
upvoted 0 times
...
Zack
7 months ago
Farheen used DD tool for forensic duplication.
upvoted 0 times
...
Arminda
7 months ago
I keep mixing up "administrative consideration" and "system preservation." I need to double-check which one applies here!
upvoted 0 times
...
Arlie
7 months ago
I practiced a similar question where we discussed the steps in data collection, and I think "system preservation" was emphasized there too.
upvoted 0 times
...
Tula
8 months ago
I'm not entirely sure, but I feel like the term "physical presentation" could relate to how the data was collected.
upvoted 0 times
...
Kathryn
8 months ago
I remember studying about the importance of system preservation in forensic investigations, so I think that might be the right answer.
upvoted 0 times
...
Soledad
8 months ago
I'm not totally confident on this one. I'll try to eliminate the options that seem obviously true, and then make my best guess on the remaining one.
upvoted 0 times
...
Blair
8 months ago
Wait, I'm confused. If a broadcast packet is being received, wouldn't it need to be processed all the way up to the network layer to determine if the destination address matches? I'm not sure about this one.
upvoted 0 times
...
Freeman
1 year ago
Ah, the classic DD tool. It's like the Swiss Army knife of forensics, isn't it? I'm going with C - System preservation on this one.
upvoted 0 times
Laticia
1 year ago
User 3: Yeah, system preservation is crucial in maintaining the integrity of the evidence.
upvoted 0 times
...
Gail
1 year ago
User 2: I think Farheen was focusing on system preservation when she collected the static data.
upvoted 0 times
...
Glenn
1 year ago
User 1: I agree, the DD tool is definitely a versatile tool for forensics.
upvoted 0 times
...
...
Juliann
1 year ago
Haha, DD tool? More like 'do or die' tool, am I right? But seriously, I think the answer is C - System preservation.
upvoted 0 times
Daniel
11 months ago
System preservation is crucial in incident response investigations.
upvoted 0 times
...
Stephaine
11 months ago
D) Physical presentation
upvoted 0 times
...
Alexis
11 months ago
Farheen did a great job using the DD tool for forensic duplication.
upvoted 0 times
...
Cortney
11 months ago
C) System preservation
upvoted 0 times
...
Marge
11 months ago
B) Administrative consideration
upvoted 0 times
...
Britt
11 months ago
I agree, it's definitely important to preserve the system during data collection.
upvoted 0 times
...
Annmarie
12 months ago
A) Comparison
upvoted 0 times
...
Orville
1 year ago
Yes, you're right! DD tool is quite powerful.
upvoted 0 times
...
...
Izetta
1 year ago
Wait, did she use the DD tool to make a mirror image? Isn't that more like physical presentation? I'm not sure about this one.
upvoted 0 times
...
Jenelle
1 year ago
This is a pretty straightforward question. Farheen used the DD tool command to perform forensic duplication, which is the correct answer - System preservation.
upvoted 0 times
Aleta
1 year ago
System preservation was crucial in collecting static data for the investigation.
upvoted 0 times
...
Edelmira
1 year ago
Farheen used the DD tool command to perform forensic duplication, which is the correct answer - System preservation.
upvoted 0 times
...
...
Raylene
1 year ago
I believe it could also be Administrative consideration, as ensuring proper documentation and chain of custody is important in cybercrime investigations.
upvoted 0 times
...
Stephaine
1 year ago
I agree with Merrilee, System preservation is crucial in forensic investigations to ensure the integrity of the evidence.
upvoted 0 times
...
Merrilee
1 year ago
I think the static data collection process step performed by Farheen is System preservation.
upvoted 0 times
...

Save Cancel