WGU (D431/C840) Digital Forensics in Cybersecurity Course Exam - Topic 4 Question 9 Discussion

Actual exam question for WGU's WGU (D431/C840) Digital Forensics in Cybersecurity Course exam

Question #: 9
Topic #: 4

[All WGU (D431/C840) Digital Forensics in Cybersecurity Course Questions]

A forensics investigator is investigating a Windows computer which may be collecting data from other computers on the network.

Which Windows command line tool can be used to determine connections between machines?

ATelnet

BXdetect

COpenfiles

DNetstat

Show Suggested Answer

Suggested Answer: D

Comprehensive and Detailed Explanation From Exact Extract:

Netstat is a standard Windows command line utility that displays active network connections, routing tables, and network interface statistics. It is widely used in forensic investigations to identify current and past TCP/IP connections, including IP addresses and port numbers associated with remote hosts. This information helps investigators identify if the suspect computer has active connections to other machines potentially used for data collection or command and control.

Telnet is a protocol used to connect to remote machines but does not display current network connections.

Openfiles shows files opened remotely but not network connection details.

Xdetect is not a standard Windows tool and not recognized in forensic investigations.

According to NIST SP 800-86 and SANS Digital Forensics guidelines, netstat is an essential tool for gathering network-related evidence during system investigations.

by Aleta at Apr 09, 2026, 05:34 AM

Limited Time Offer

25%

Off

Get Premium WGU (D431/C840) Digital Forensics in Cybersecurity Course Questions as Interactive Web-Based Practice Test or PDF