Q: 6
[Introduction to Incident Handling and Response]
Which of the following techniques prevent or mislead incident-handling process and may also affect
the collection, preservation, and identification phases of the forensic
investigation process?
Options
Discussion
D. saw this in a similar exam question before. Anti-forensics directly targets the IR and forensic phases.
Probably D. Scanning, footprinting and enumeration are all recon techniques, but only D (anti-forensics) is meant to mess with collection and preservation in forensics. A common trap is picking A or B just because they're attack phases.
Its D, but does the question mean the most effective technique or just any that could have some impact?
Be respectful. No spam.
