Eccouncil Exam 312-49 Topic 1 Question 63 Discussion

Actual exam question for Eccouncil's 312-49 exam

Question #: 63
Topic #: 1

[All 312-49 Questions]

When should an MD5 hash check be performed when processing evidence?

AAfter the evidence examination has been completed

BOn an hourly basis during the evidence examination

CBefore and after evidence examination

DBefore the evidence examination has been completed

Show Suggested Answer

Suggested Answer: D

by Casey at Aug 07, 2024, 11:33 PM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

2 days ago

I believe it should be done after the evidence examination has been completed to verify everything is still intact.

upvoted 0 times

...

3 days ago

I agree with Cheryll. Performing the check before and after ensures the integrity of the evidence.

upvoted 0 times

...

9 days ago

D) Before the evidence examination has been completed. Gotta make sure the data is legit before you start digging in, am I right?

upvoted 0 times

...

10 days ago

C) Before and after evidence examination seems like the obvious choice to ensure the integrity of the evidence throughout the process.

upvoted 0 times

...

14 days ago

I think an MD5 hash check should be performed before and after evidence examination.

upvoted 0 times

...