Forensics Flashcards

1
Q

Evidence collection must be prioritized by

A

volatility

2
Q

First responders should first _____ and then _____.

A

assess and contain

3
Q

To image a live system, ____ ____ images must be created

A

bit-level

4
Q

Bit-level images must be created in _____

A

copies

5
Q

Bit-level images must have ______

A

checksums

6
Q

When creating a bit-level image of a static system, a _____ _____ must be used when connecting to a forensic workstation.

A

write-blocker

7
Q

Documents that need to be created for forensics

A

Tracking log, chain of custody

8
Q

In containment, systems may need to be…

A

Unplugged from the network, but ideally not turned off

9
Q

Mitigation comes after ______

A

containment

10
Q

Classification is also called

A

data labeling

11
Q

Modes of data acquisition for mobile devices

A

Physical (SIM, memory cards and backups)
Logical: forensic image of storage volumes
Manual Access: Reviewing contents manually on live phone
Filesystem: deleted files and metadata
