EC-Council
312-49V11 · Question #125
312-49V11 Question #125: Real Exam Question with Answer & Explanation
Sign in or unlock 312-49V11 to reveal the answer and full explanation for question #125. The question stem and answer options stay visible for context.
Question
During a live data acquisition procedure, forensic investigators are tasked with analyzing a suspected breach of a corporate network. The breach involves unauthorized access to sensitive files stored on the company's servers. Investigators aim to gather volatile data to trace the origin of the breach and identify potential network vulnerabilities. In a live data acquisition scenario, which types of volatile data would investigators prioritize capturing to trace the intrusion's origin and identify network vulnerabilities?
Options
- APrinter driver versions and configurations
- BCurrent system uptime and DLLs loaded
- COpen connections and routing information
- DMouse click activity and cursor movements
Unlock 312-49V11 to see the answer
You've previewed enough free 312-49V11 questions. Unlock 312-49V11 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.