Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

WGU (D431/C840) Digital Forensics in Cybersecurity Course Exam - Topic 3 Question 7 Discussion

Actual exam question for WGU's WGU (D431/C840) Digital Forensics in Cybersecurity Course exam
Question #: 7
Topic #: 3
[All WGU (D431/C840) Digital Forensics in Cybersecurity Course Questions]

Thomas received an email stating he needed to follow a link and verify his bank account information to ensure it was secure. Shortly after following the instructions, Thomas noticed money was missing from his account.

Which digital evidence should be considered to determine how Thomas' account information was compromised?

Show Suggested Answer Hide Answer
Suggested Answer: A

Comprehensive and Detailed Explanation From Exact Extract:

The email messages, including headers and content, contain information about the phishing attempt, such as sender details and embedded links. Analyzing these messages can help trace the source of the scam and determine the method used to deceive the victim.

Email headers provide metadata for tracking the origin.

Forensic examination of emails is fundamental in investigating social engineering and phishing attacks.


NIST SP 800-101 and forensic email analysis protocols recommend thorough email message examination in phishing investigations.

by Iola at Mar 03, 2026, 04:01 PM

Limited Time Offer

25%

Off

Get Premium WGU (D431/C840) Digital Forensics in Cybersecurity Course Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Juliann
15 days ago
Bank transaction logs are crucial to track the missing money.
upvoted 0 times
...
Lai
20 days ago
Wait, how did he not see it was a phishing attempt?
upvoted 0 times
...
Jani
26 days ago
I think the browser cache could show what he clicked on.
upvoted 0 times
...
Veronika
1 month ago
Definitely the email messages, that's where it all started.
upvoted 0 times
...
Annamaria
1 month ago
Firewall logs might not be relevant since they usually track incoming and outgoing traffic, but I guess they could show if any suspicious activity occurred.
upvoted 0 times
...
Belen
1 month ago
Bank transaction logs could help identify when the money was taken, but I feel like the email is more directly related to the compromise.
upvoted 0 times
...
Joseph
2 months ago
I'm not entirely sure, but I remember something about browser cache possibly holding the link he clicked on.
upvoted 0 times
...
Joanna
2 months ago
I think email messages are crucial here since that's how the phishing attempt started.
upvoted 0 times
...
Louvenia
2 months ago
I wonder if firewall logs would show anything relevant. I think they might help, but I can't remember if they track outgoing connections like that.
upvoted 0 times
...
Tiera
2 months ago
Bank transaction logs could be important too, but I feel like they won't tell us how the information was compromised, just what happened after.
upvoted 0 times
...
Leandro
2 months ago
I'm not so sure about the browser cache. I remember something about it being useful, but I can't recall exactly how it relates to phishing.
upvoted 0 times
...
Yolande
2 months ago
I think we should definitely look at the email messages first. That seems like the most direct evidence of how he got tricked.
upvoted 0 times
...

Save Cancel