PracticeQuiz content is free on an ad-supported model.

Unfortunately, we can't support ad blocker usage because of the impact on our servers. If you'd like to continue, please disable your ad blocker and reload page.

Reload page

CompTIA 220-801 Certification Practice Test

Category - Essentials

Start a Study Session Sign up for Question of the Day

A technician is conducting a forensics analysis on a computer system. Which step should be taken first?

Get a binary copy of the system
Search for Trojans
Look for hidden files
Analyze temporary files

Explanation

Answer - A - The first step in the forensic analysis of an infected system is to obtain the binary copy of the system.

Key Takeaway: A system cannot be analyzed or searched for evidence using a simple file copy. The investigators need to obtain the binary copy to preserve evidence. This copy must be tamper-proof and must be capable of independent verification.

Previous Next

Was this helpful? Upvote!

Start a Study Session Sign up for Question of the Day

CompTIA 220-801 Certification Practice Test

Top questions

Related questions

Most popular on PracticeQuiz

Ad-Blocker not supported

CompTIA 220-801 Certification Practice Test

Top questions

Related questions

Most popular on PracticeQuiz