The correct answer should be B - Extract relevant data from the suspected devices as early as possible. First Responder do not do any data extraction. It is done by the forensic team. Choices A, C and D are found in the list first responser steps for network defenders (do's and don'ts) Source - Certified Network Defender (CND) Version 2 eBook w/ iLabs (Volumes 1 through 4) Page 1457 - 1464
A. Restrict yourself from doing the investigation IS part of recommended first response steps. CND Book P.2137
C. Disable virus protection IS part of recommended first response steps. CND Book P.2139
D. Do not change the state of the suspected device IS part of recommended first response steps. CND Book P.2138
So option B. Extract relevant data from the suspected devices as early as possible must be the correct answer.
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.312-38 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Cyber_bunny
Highly Voted 11 months, 2 weeks agoethacker
Most Recent 5 months, 3 weeks ago