Eccouncil Exam 212-89 Topic 3 Question 75 Discussion

Actual exam question for Eccouncil's 212-89 exam
Question #: 75
Topic #: 3

Clark is investigating a cybercrime at TechSoft Solutions. While investigating the case, he needs to collect volatile information such as running services, their process IDs, startmode, state, and status.

Which of the following commands will help Clark to collect such information from running services?

Suggested Answer: C

WMIC (Windows Management Instrumentation Command-line) is a command-line tool that provides a unified interface for Windows management tasks, including the collection of system information. It allows administrators and forensic investigators to query the live system for information about running services, their process IDs, start modes, states, and statuses, among other data. The use of WMIC is particularly valuable in incident response scenarios for gathering volatile information from a system without having to install additional software, which might alter the state of the system being investigated. By executing specific WMIC commands, Clark can extract detailed information about the services running on a system at the time of the investigation, making it an essential tool for collecting volatile data in a forensically sound manner.
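The collection described above, as an added example that is not part of the original page: a PowerShell script that captures the service fields named in the question with wmic, writes them to collection media, and records a SHA-256 of the result. The output directory, file names and the `Get-CimInstance` fallback are assumptions made for this example.

```powershell
# Added example, not from the original page.
# Assumption: $OutDir points at external collection media, not the suspect disk.
param(
    [string]$OutDir = 'E:\collection'   # hypothetical path
)

$ErrorActionPreference = 'Stop'
$stamp   = (Get-Date).ToUniversalTime().ToString('yyyyMMddTHHmmssZ')
$outFile = Join-Path $OutDir "$($env:COMPUTERNAME)_services_$stamp.csv"
New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

if (Get-Command wmic.exe -ErrorAction SilentlyContinue) {
    # The fields the question lists: process ID, start mode, state, status.
    # wmic pads its CSV output with blank lines, so trim and drop them.
    & wmic.exe service get Name,ProcessId,StartMode,State,Status /format:csv |
        ForEach-Object { $_.Trim() } |
        Where-Object { $_ } |
        Set-Content -Path $outFile -Encoding UTF8
} else {
    # wmic is deprecated and may be absent on recent Windows builds.
    # Win32_Service is the WMI class behind "wmic service"; query it via CIM.
    Get-CimInstance -ClassName Win32_Service |
        Select-Object Name, ProcessId, StartMode, State, Status |
        Export-Csv -Path $outFile -NoTypeInformation -Encoding UTF8
}

# Record when the capture was taken and its hash, so later copies can be verified.
$hash = Get-FileHash -Path $outFile -Algorithm SHA256
"$stamp  $($hash.Hash)  $outFile" |
    Add-Content -Path (Join-Path $OutDir 'hashes.txt')

# Quick triage view: running services ordered by process ID.
Import-Csv -Path $outFile |
    Where-Object State -eq 'Running' |
    Sort-Object { [int]$_.ProcessId } |
    Format-Table Name, ProcessId, StartMode, State, Status -AutoSize
```

Several services can share one ProcessId when they are hosted in the same svchost.exe instance, so the PID column alone does not identify a service.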


Contribute your Thoughts:

Kayleigh
1 month ago
Gotta love a good cybercrime investigation! C) wmic is the clear winner here. I bet Clark is a whiz with that command.
upvoted 0 times
Graciela
7 days ago
Clark must be pretty skilled to handle all that data with wmic.
upvoted 0 times
...
Elsa
7 days ago
I've used wmic before, it's really helpful for investigations like this.
upvoted 0 times
...
Galen
11 days ago
Yeah, wmic is perfect for getting all the details on running services.
upvoted 0 times
...
Corinne
20 days ago
I agree, C) wmic is definitely the way to go for collecting that information.
upvoted 0 times
...
...
Skye
2 months ago
I think 'Openfiles' might also be a good option for Clark to use in this situation.
upvoted 0 times
...
Dyan
2 months ago
Hmm, I'm not sure. B) netstat --ab might work, but it seems a bit too broad. C) wmic sounds more targeted to me.
upvoted 0 times
Junita
25 days ago
I agree, C) wmic seems like the most targeted command for getting the specific details Clark needs.
upvoted 0 times
...
Colby
1 month ago
I think C) wmic would be the best option for collecting that information.
upvoted 0 times
...
...
Claribel
2 months ago
C) wmic is definitely the way to go here. It gives you all the information you need about the running services.
upvoted 0 times
Jeannetta
1 month ago
I think netstat --ab could also be useful in this situation to gather information on running services.
upvoted 0 times
...
Alyce
1 month ago
I agree, wmic is the best command to use for collecting information on running services.
upvoted 0 times
...
...
Tijuana
2 months ago
I disagree, I believe the command 'wmic' would be more suitable for collecting that information.
upvoted 0 times
...
Terrilyn
2 months ago
I think the command 'netstat --ab' will help Clark collect the information he needs.
upvoted 0 times
...