
During an investigation, disk data shows no malware, but suspicious activity continues. How can memory forensics help?

Hard · Application · Q15 of 15
Cybersecurity - Digital Forensics
A. By analyzing the memory dump to find malware running only in RAM
B. By scanning the network for intrusions
C. By encrypting the disk to prevent malware
D. By deleting temporary files to remove threats
Step-by-Step Solution
Solution:
  1. Step 1: Understand limitations of disk data

    Malware can run only in memory without leaving traces on disk, so disk scans may miss it.
  2. Step 2: Use memory forensics to detect hidden malware

    Analyzing a memory dump can reveal running malware processes or injected code not visible on disk.
  3. Final Answer:

    By analyzing the memory dump to find malware running only in RAM -> Option A
  4. Quick Check:

    Memory forensics finds RAM-only malware [OK]
Quick Trick: Memory forensics finds malware missed on disk [OK]
Common Mistakes:
  • Confusing memory forensics with network scanning
  • Thinking encryption removes malware
  • Assuming deleting temp files removes threats
