New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 212-89 Exam - Topic 4 Question 72 Discussion

Actual exam question for Eccouncil's 212-89 exam
Question #: 72
Topic #: 4
[All 212-89 Questions]

Patrick is doing a cyber forensic investigation. He is in the process of collecting physical

evidence at the crime scene.

Which of the following elements he must consider while collecting physical evidence?

Show Suggested Answer Hide Answer
Suggested Answer: D

In the context of collecting physical evidence during a cyber forensic investigation, Patrick must consider items like removable media, cables, and publications. These items can contain crucial information related to the crime, such as data storage devices (USB drives, external hard drives), cables connected to potentially relevant devices, and any printed materials that might have information or clues about the incident. Open ports, services, and OS vulnerabilities, DNS information, and published name servers and web application source code, while important in digital forensics, do not constitute physical evidence in the traditional sense. Reference: Incident Handler (ECIH v3) study guides and courses detail the process of evidence collection in cyber forensic investigations, emphasizing the importance of securing physical evidence that could support digital forensic analysis.


by Ernie at Nov 18, 2024, 02:29 AM

Limited Time Offer

25%

Off

Get Premium 212-89 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Leanna
3 months ago
I’m surprised removable media is even listed here!
upvoted 0 times
...
Eric
3 months ago
Agreed, open ports and OS vulnerabilities are crucial.
upvoted 0 times
...
Moon
3 months ago
Wait, why would he need web app source code? Seems off.
upvoted 0 times
...
Elliot
4 months ago
I think DNS info is super important too.
upvoted 0 times
...
Donte
4 months ago
Definitely need to check removable media and cables!
upvoted 0 times
...
Melvin
4 months ago
I believe removable media and cables are definitely important when collecting physical evidence, especially if they could contain crucial data.
upvoted 0 times
...
Cecilia
4 months ago
I vaguely recall that open ports and OS vulnerabilities are more about network security than physical evidence. I wonder if that's relevant here.
upvoted 0 times
...
Therese
4 months ago
I think we had a practice question about collecting evidence, and I feel like published name servers might not be directly related to physical evidence collection.
upvoted 0 times
...
Lanie
5 months ago
I remember we discussed the importance of physical evidence in class, but I'm not sure if removable media is the most critical element here.
upvoted 0 times
...
Vincent
5 months ago
Hmm, this is a tricky one. I'm not sure if the open ports and OS vulnerabilities are considered physical evidence. I think I'll go with option D, but I'm not 100% sure.
upvoted 0 times
...
Carlene
5 months ago
I feel pretty confident about this one. The key is that the question is specifically about physical evidence collection, so the answer has to be related to tangible, physical items at the crime scene. Option D seems like the best choice.
upvoted 0 times
...
Evangelina
5 months ago
Okay, let's see. The question is asking about physical evidence collection, so I don't think the DNS information or web app source code are relevant. I'm leaning towards option D - removable media, cables, and publications.
upvoted 0 times
...
Selma
5 months ago
Hmm, I'm a bit unsure about this one. I know we need to consider things like open ports and OS vulnerabilities, but I'm not sure if that's the right answer here. I'll have to think it through carefully.
upvoted 0 times
...
Elvis
5 months ago
This seems like a pretty straightforward question. I'd focus on the key elements of physical evidence collection, like removable media, cables, and publications.
upvoted 0 times
...
Cheryl
1 year ago
Forget the evidence, I just want to know who did it! Whodunit, that's the real mystery here.
upvoted 0 times
...
Rosalind
1 year ago
D is the way to go, no doubt. Who needs digital evidence when you've got good old physical stuff to work with?
upvoted 0 times
Cary
1 year ago
I agree, D is essential. It's always good to have a variety of evidence to work with.
upvoted 0 times
...
Johanna
1 year ago
D is definitely important. Physical evidence can be crucial in a cyber forensic investigation.
upvoted 0 times
...
...
Delmy
1 year ago
I believe option A) Open ports, services, and operating system (OS) vulnerabilities is also important to consider.
upvoted 0 times
...
Olen
1 year ago
Hmm, I don't know. D seems a bit too simple. Maybe I should consider the other options as well.
upvoted 0 times
...
Deonna
1 year ago
I'm going with D too. Those publications might have some juicy details about the crime scene.
upvoted 0 times
Sylvie
1 year ago
I'm going with D too. Those publications might have some juicy details about the crime scene.
upvoted 0 times
...
Tiara
1 year ago
D) Removable media, cable, and publications
upvoted 0 times
...
Tasia
1 year ago
C) Published name servers and web application source code
upvoted 0 times
...
Sage
1 year ago
B) DNS information including domain and subdomains
upvoted 0 times
...
Lenna
1 year ago
A) Open ports, services, and operating system (OS) vulnerabilities
upvoted 0 times
...
...
Dominga
1 year ago
D seems like the obvious choice here. Gotta collect that physical evidence like removable media and cables, right?
upvoted 0 times
Theron
1 year ago
User 4: True, all of those elements are important for a cyber forensic investigation.
upvoted 0 times
...
Cristina
1 year ago
User 3: Don't forget about publications, they could contain important information too.
upvoted 0 times
...
Nobuko
1 year ago
User 2: Yeah, collecting removable media and cables is crucial for physical evidence.
upvoted 0 times
...
Regenia
1 year ago
User 1: D seems like the obvious choice here.
upvoted 0 times
...
...
Esteban
1 year ago
I agree with Chau. Those items could contain valuable evidence for the investigation.
upvoted 0 times
...
Chau
1 year ago
I think Patrick should consider option D) Removable media, cable, and publications.
upvoted 0 times
...

Save Cancel