PracticeQuiz content is free on an ad-supported model.

Unfortunately, we can't support ad blocker usage because of the impact on our servers. If you'd like to continue, please disable your ad blocker and reload page.

Reload page

CompTIA A+ 220-802

Category - 802: Security

Start a Study Session Sign up for Question of the Day

A technician is conducting a forensics analysis on a computer system. Which step should be taken first?

Get a binary copy of the system.
Search for Trojans.
Look for hidden files.
Analyze temporary files.

Explanation

Answer: A - The first step in the forensic analysis of an infected system is to obtain the binary copy of the system.

Key Takeaway: A system cannot be analyzed or searched for evidence using a simple file copy. The investigators need to obtain the binary copy to preserve evidence. This copy must be tamper-proof and must be capable of independent verification.

Was this helpful? Upvote!

Start a Study Session Sign up for Question of the Day

CompTIA A+ 220-802

Top questions

Related questions

Most popular on PracticeQuiz

Ad-Blocker not supported

CompTIA A+ 220-802

Top questions

Related questions

Most popular on PracticeQuiz