EC-Council
312-49V11 · Question #162
312-49V11 Question #162: Real Exam Question with Answer & Explanation
Sign in or unlock 312-49V11 to reveal the answer and full explanation for question #162. The question stem and answer options stay visible for context.
Question
During a forensic investigation of a compromised system, the investigator is analyzing various forensic artifacts to determine the nature and scope of the attack. The investigator is specifically looking for information related to failed sign-in attempts, security policy changes, alerts from intrusion detection systems, and unusual application malfunctions. Which type of forensic artifact is most likely to contain this critical information?
Options
- ACryptographic artifacts that store information about encryption and decryption operations.
- BBrowser artifacts that track user browsing history and website interactions.
- CProcess and memory artifacts that contain information about running processes and system
- DLog file anomalies that provide detailed records of events and errors on the device.
Unlock 312-49V11 to see the answer
You've previewed enough free 312-49V11 questions. Unlock 312-49V11 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.