Eccouncil Exam 212-89 Topic 4 Question 72 Discussion

Actual exam question for Eccouncil's 212-89 exam

Question #: 72
Topic #: 4

[All 212-89 Questions]

Patrick is doing a cyber forensic investigation. He is in the process of collecting physical

evidence at the crime scene.

Which of the following elements he must consider while collecting physical evidence?

AOpen ports, services, and operating system (OS) vulnerabilities

BDNS information including domain and subdomains

CPublished name servers and web application source code

DRemovable media, cable, and publications

Show Suggested Answer

Suggested Answer: D

In the context of collecting physical evidence during a cyber forensic investigation, Patrick must consider items like removable media, cables, and publications. These items can contain crucial information related to the crime, such as data storage devices (USB drives, external hard drives), cables connected to potentially relevant devices, and any printed materials that might have information or clues about the incident. Open ports, services, and OS vulnerabilities, DNS information, and published name servers and web application source code, while important in digital forensics, do not constitute physical evidence in the traditional sense. Reference: Incident Handler (ECIH v3) study guides and courses detail the process of evidence collection in cyber forensic investigations, emphasizing the importance of securing physical evidence that could support digital forensic analysis.

by Ernie at Nov 18, 2024, 02:29 AM

Limited Time Offer

25%

Off

Get Premium 212-89 Questions as Interactive Web-Based Practice Test or PDF