ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-501 All Questions

View all questions & answers for the SY0-501 exam
Go to Exam

Exam SY0-501 topic 1 question 833 discussion

Actual exam question from CompTIA's SY0-501
Question #: 833
Topic #: 1
[All SY0-501 Questions]

A malicious actor recently penetrated a company's network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know what was in the memory on the compromised server. Which of the following files should be given to the forensics firm?

  • A. Security
  • B. Application
  • C. Dump
  • D. Syslog
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Teza at Aug. 24, 2020, 2:04 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Teza
Highly Voted 4 years, 10 months ago
A dump file is a snapshot that shows the process that was executing and modules that were loaded for an app at a point in time. A dump with heap information also includes a snapshot of the app's memory at that point. ... Testers also create dumps to save crash or unresponsive program data to use for more testing https://docs.microsoft.com/en-us/visualstudio/debugger/using-dump-files?view=vs-2019#:~:text=A%20dump%20file%20is%20a,app's%20memory%20at%20that%20point.&text=Testers%20also%20create%20dumps%20to,to%20use%20for%20more%20testing.
upvoted 37 times
...
fonka
Most Recent 3 years, 11 months ago
The Dump Collector is used to collect diagnostic information in the event an ESXi host crashes (PSOD).
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel