17 Jan Practice Test Question – Digital Evidence Sources
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Which one of the following sources of evidence contains the least volatile information?
A. Memory contents
B. Files stored on disk
C. ARP tables
D. Archival media
Correct Answer: D
Volatile information is information that is likely to be altered or lost as time passes. Archival media is designed for long-term storage and is the least volatile data source listed here. ARP tables in a router and the contents of system memory may change frequently and are the most volatile. Files stored on disk fall in between these two extremes.
Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!
No Comments