Which action would be supportive of the concept of volatile data collection as describe in SP 800-86?

Last Updated on August 1, 2021 by Admin 2

200-201 : All Parts

200-201 : Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) : All Parts
200-201 Part 01	200-201 Part 04
200-201 Part 02	200-201 Part 05
200-201 Part 03	200-201 Part 06

Which action would be supportive of the concept of volatile data collection as describe in SP 800-86?

collect memory data first
collect volatile data after rebooting
collect malware data
collect hard drive data first

Explanation:
According to the concept of volatile data collection as covered in NIST 800-86, volatile data, meaning data that is gone after rebooting, should be collected first as it is fragile. Memory data should be collected first.

All volatile data should be collected before, not after, rebooting while it still exists. You should not collect hard drive data first. This is not volatile data. The concept of data does not concern itself with data content, such as malware data. It is only concerned with the volatile data.

200-201 : All Parts

200-201 : Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) : All Parts
200-201 Part 01	200-201 Part 04
200-201 Part 02	200-201 Part 05
200-201 Part 03	200-201 Part 06

0 0 votes

Article Rating

0 Comments

Inline Feedbacks

View all comments

Which action would be supportive of the concept of volatile data collection as describe in SP 800-86?

You Might Also Like

Windows identifies which application to open a file with by examining which of the following?

What will happen when you try to compile and execute the code?

From a business perspective, the MOST important function of information security is to support: