Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam 212-89 Topic 4 Question 72 Discussion

Actual exam question for Eccouncil's 212-89 exam
Question #: 72
Topic #: 4
[All 212-89 Questions]

Patrick is doing a cyber forensic investigation. He is in the process of collecting physical

evidence at the crime scene.

Which of the following elements he must consider while collecting physical evidence?

Show Suggested Answer Hide Answer
Suggested Answer: D

In the context of collecting physical evidence during a cyber forensic investigation, Patrick must consider items like removable media, cables, and publications. These items can contain crucial information related to the crime, such as data storage devices (USB drives, external hard drives), cables connected to potentially relevant devices, and any printed materials that might have information or clues about the incident. Open ports, services, and OS vulnerabilities, DNS information, and published name servers and web application source code, while important in digital forensics, do not constitute physical evidence in the traditional sense. Reference: Incident Handler (ECIH v3) study guides and courses detail the process of evidence collection in cyber forensic investigations, emphasizing the importance of securing physical evidence that could support digital forensic analysis.


by Ernie at Nov 18, 2024, 02:29 AM

Limited Time Offer

25%

Off

Get Premium 212-89 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Cheryl
21 days ago
Forget the evidence, I just want to know who did it! Whodunit, that's the real mystery here.
upvoted 0 times
...
Rosalind
22 days ago
D is the way to go, no doubt. Who needs digital evidence when you've got good old physical stuff to work with?
upvoted 0 times
Cary
13 days ago
I agree, D is essential. It's always good to have a variety of evidence to work with.
upvoted 0 times
...
Johanna
15 days ago
D is definitely important. Physical evidence can be crucial in a cyber forensic investigation.
upvoted 0 times
...
...
Delmy
1 months ago
I believe option A) Open ports, services, and operating system (OS) vulnerabilities is also important to consider.
upvoted 0 times
...
Olen
1 months ago
Hmm, I don't know. D seems a bit too simple. Maybe I should consider the other options as well.
upvoted 0 times
...
Deonna
1 months ago
I'm going with D too. Those publications might have some juicy details about the crime scene.
upvoted 0 times
Sylvie
1 days ago
I'm going with D too. Those publications might have some juicy details about the crime scene.
upvoted 0 times
...
Tiara
4 days ago
D) Removable media, cable, and publications
upvoted 0 times
...
Tasia
10 days ago
C) Published name servers and web application source code
upvoted 0 times
...
Sage
12 days ago
B) DNS information including domain and subdomains
upvoted 0 times
...
Lenna
21 days ago
A) Open ports, services, and operating system (OS) vulnerabilities
upvoted 0 times
...
...
Dominga
2 months ago
D seems like the obvious choice here. Gotta collect that physical evidence like removable media and cables, right?
upvoted 0 times
Theron
14 days ago
User 4: True, all of those elements are important for a cyber forensic investigation.
upvoted 0 times
...
Cristina
15 days ago
User 3: Don't forget about publications, they could contain important information too.
upvoted 0 times
...
Nobuko
1 months ago
User 2: Yeah, collecting removable media and cables is crucial for physical evidence.
upvoted 0 times
...
Regenia
1 months ago
User 1: D seems like the obvious choice here.
upvoted 0 times
...
...
Esteban
2 months ago
I agree with Chau. Those items could contain valuable evidence for the investigation.
upvoted 0 times
...
Chau
2 months ago
I think Patrick should consider option D) Removable media, cable, and publications.
upvoted 0 times
...

Save Cancel