From the course: Learning Cyber Incident Response and Digital Forensics
Unlock this course with a free trial
Join today to access over 24,000 courses taught by industry experts.
Review of the chapter quiz
From the course: Learning Cyber Incident Response and Digital Forensics
Review of the chapter quiz
- [Instructor] In this video, we're going to go over the correct answers for the quiz that you just took. As we go through this review, I'm going to first read the questions and its answer choices, and then I'll provide you with the right answer and the reason why it's correct, and why each of the other answers was incorrect. Question number one. You arrive at the scene of a possible cyber attack. Which tool would you use to copy all the allocated and unallocated space on a drive? A, Time Machine, B, FTK Imager, C, Windows backup, or D, Autopsy? The correct answer here is B, FTK Imager. Now, FTK Imager is a free-to-use proprietary program that allows you to capture both the memory and the hard disks of a particular system. When using FTK Imager, it will collect both the allocated and unallocated space on a given drive. This way, if somebody has deleted the files or tried to hide those files, you'll still be able to…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
Digital forensic investigation1m 43s
-
(Locked)
Preserving evidence5m 23s
-
(Locked)
Preparing an evidence drive2m 42s
-
(Locked)
Creating a trusted tools USB drive13m 35s
-
(Locked)
Collecting volatile evidence6m 39s
-
(Locked)
Collecting network evidence6m 5s
-
(Locked)
Imaging storage devices with FTK7m 25s
-
(Locked)
Imaging a USB drive with DD4m 19s
-
(Locked)
Review of the chapter quiz5m 20s
-
-
-
-
-