Incident Handling for Practitioners Quiz
Which UNIX/Linux command or tool enables you to search for patterns of information with regular expressions as a forensic analyst or incident handler?
None of the above
Select all that apply: What is the first step of incident handling?
In the Containment focus area, if data is being deleted, what is your first action?
Contact the System Owner
Capture volatile real-time data
Back up system data
Pull the power plug from the wall
Wireshark can decrypt IEEE 802.11 WLAN data and user-specified encryption keys?
In the forensics process, what are the four main data sources?
What type of examination tool identifies images and files with hidden data inside other files?
Log management tools
Volatile data capture tools
What forensics software enables an examiner to view data and preserve evidence integrity with accepted file types for use in a court of law?
When using EnCase, you have the ability to?
Identify deleted files
Identify data origination, user activity, data access dates
Generate high-level reports of metadata to analyze system activity
Recover files and partitions
All of the above
System Monitor (Sysmon), part of the Sysinternals toolset for Windows systems, proves valuable for incident handlers because it can:
Hide its presence from potential malware and other system threats
Record process creation, network connections, and file creation time data in the system background
Capture packets from network activity for later analysis
None of the above
What operating system do you not use in forensics?