GIAC
GCFE · Question #73
GCFE Question #73: Real Exam Question with Answer & Explanation
Sign in or unlock GCFE to reveal the answer and full explanation for question #73. The question stem and answer options stay visible for context.
Question
During a forensic investigation, you need to determine if unauthorized software was installed on a computer. Which event logs would be most useful to analyze to confirm this activity? (Choose three)
Options
- ASystem log
- BApplication log
- CSecurity log
- DSetup log
- EForwarded Events log
Unlock GCFE to see the answer
You've previewed enough free GCFE questions. Unlock GCFE for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.