New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCED Exam - Topic 5 Question 5 Discussion

Actual exam question for GIAC's GCED exam
Question #: 5
Topic #: 5
[All GCED Questions]

Of the following pieces of digital evidence, which would be collected FIRST from a live system involved in an incident?

Show Suggested Answer Hide Answer
Suggested Answer: D

Best practices suggest that live response should follow the order of volatility, which means that you want to collect data which is changing the most rapidly. The order of volatility is:

Memory

Swap or page file

Network status and current / recent network connections

Running processes

Open files


by Antione at May 07, 2022, 01:57 AM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Kristal
4 months ago
Really? I’m surprised logs are the top pick.
upvoted 0 times
...
Lynette
4 months ago
I thought media in the CDrom drive would be a priority.
upvoted 0 times
...
Laura
4 months ago
Wait, why not check the swap space first? Seems important too.
upvoted 0 times
...
Billi
4 months ago
Definitely agree, logs tell the whole story.
upvoted 0 times
...
Vernell
5 months ago
I’d go for the event logs first. They’re crucial!
upvoted 0 times
...
Tequila
5 months ago
I have a hunch that the directory listing might be important, but I’m not confident it’s the first step in the process.
upvoted 0 times
...
Joesph
5 months ago
I feel like event logs are crucial, but they might not be the first thing to grab. I can't quite recall the order we learned.
upvoted 0 times
...
Lashaun
5 months ago
I think we practiced a similar question where we prioritized live data over static. Maybe it's the swap space and page files?
upvoted 0 times
...
Lauran
5 months ago
I remember we discussed the importance of collecting volatile data first, but I'm not sure if that applies here.
upvoted 0 times
...
Ryan
5 months ago
Okay, the key steps seem to be downloading the file, uploading it to the right admin console, and then toggling the setting. I'll make sure to follow those in order.
upvoted 0 times
...
Arminda
5 months ago
Ah, I see. Option E, clicking the context menu on the Category column title, that could work too. I'll have to test out a few of these options to see which one is most efficient.
upvoted 0 times
...
Amalia
5 months ago
I'm struggling to remember the exact term, but I think it's tied to customer experience. Is it total quality?
upvoted 0 times
...
Erinn
5 months ago
This looks like a tricky question, but I think I can handle it. I'll need to carefully analyze the attack method and consider the best way to protect against it.
upvoted 0 times
...

Save Cancel