Data Collection Procedures Flashcards

1
Q

After an attack, before you restore your servers into operational status, what must you do to preserve evidence?

A

Create a forensic disk image of the data for evidence

2
Q

What is the order of volatility?

A
  1. CPU registers and cache memory
  2. Routing tables, ARP cache, process table, kernel statistics, memory (RAM)
  3. Temporary files
  4. Disk (HDD/SSD/flash drive)
  5. Remote logging and monitoring data
  6. Physical configuration and network topology
  7. Archival media

Exam Tip: You have to remember this list in order.
