Bird
0
0

You run a memory forensics tool but get no results for running processes. What is the most likely cause?

medium📝 Analysis Q14 of 15
Cybersecurity - Digital Forensics
You run a memory forensics tool but get no results for running processes. What is the most likely cause?
AThe system has no running processes
BThe tool is designed only for disk analysis
CThe memory dump was not captured correctly
DThe network is disconnected
Step-by-Step Solution
Solution:

  1. Step 1: Analyze why no processes appear

    If no running processes are found, the memory dump might be incomplete or corrupted.

  2. Step 2: Rule out other options

    Memory forensics tools analyze RAM, not disk only; systems always have running processes; network status does not affect memory dump content.

  3. Final Answer:

    The memory dump was not captured correctly -> Option C

  4. Quick Check:

    No processes found = bad memory dump [OK]
Quick Trick: No processes means bad or incomplete memory dump [OK]
Common Mistakes:
MISTAKES
  • Thinking tool only analyzes disk
  • Assuming system can have zero processes
  • Blaming network for memory dump issues

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Cybersecurity Quizzes
Advanced Threat Protection - Sandbox environments - Quiz 8hard Advanced Threat Protection - Security Orchestration and Automation (SOAR) - Quiz 11easy Compliance and Governance - GDPR requirements - Quiz 15hard Compliance and Governance - Security policy development - Quiz 14medium Compliance and Governance - SOC 2 compliance - Quiz 5medium Digital Forensics - Chain of custody - Quiz 2easy Digital Forensics - Log forensics - Quiz 3easy Emerging Security Topics - Blockchain security applications - Quiz 11easy Incident Response - Post-incident review - Quiz 7medium Incident Response - Detection and analysis phase - Quiz 15hard