Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

GIAC Exam GCED Topic 6 Question 42 Discussion

Actual exam question for GIAC's GCED exam
Question #: 42
Topic #: 6
[All GCED Questions]

When attempting to collect data from a suspected system compromise, which of the following should generally be collected first?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Lemuel at Jun 21, 2024, 12:30 AM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Yoko
18 days ago
Definitely B) The contents of physical memory. That's the first thing I learned in my incident response training.
upvoted 0 times
Antonette
3 days ago
A) The network connections and open ports
upvoted 0 times
...
...
Truman
22 days ago
I agree with Owen, capturing the contents of physical memory can provide valuable insights into the compromise.
upvoted 0 times
...
Owen
23 days ago
I disagree, I believe B) The contents of physical memory is more crucial in a suspected system compromise.
upvoted 0 times
...
Laurel
24 days ago
I think A) The network connections and open ports should be collected first.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77