EC-Council: Computer Hacking Forensic Investigator(CHFI-V10)
Module 6 : Windows Forensics
         
Questions available : 94 You are not logged in.
Please Login for track your learning progress
   
 
Q. No: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 |
Go to Question No.



Question No 0

If you want to share the link of this question, please click here to "Copy Question Link" and share that generated link. Link from URL may change in future.
 
   
Bookmark this Question
QID: 129  
   
Jeff is a forensics investigator for a government agency‘s cyber security office. Jeff is tasked with acquiring a memory dump of a Windows 10 computer that was involved in a DDoS attack on the government agency‘s web application. Jeff is onsite to collect the memory. What tool could Jeff use?


 
A:    Memcheck
 
B:    RAMMapper
C:    Autopsy
  
D:    Volatility
 
         

 
 

Diffence opinion in Correct Answer or any comment?
Vote / Comment for correct Answer



Comunity Comments:

Admin on 12/04/2025
Opted Answer: B
RAMMapper can be used for take the snapshot of the memory/processes. So the answer choice updated

Krishna on 26/03/2025
Opted Answer: D
there is no such tool named RAMMapper. Volatility is the most suitable choice

yassine on 14/06/2024
Opted Answer: C
we cannot dump memory with volatility
All answers are not correct

Pradeep Thomas on 12/04/2025
RAMMapper can be used for take the snapshot of the memory/processes.

















WELCOME TO ONLINE EXAM PREPARATION SYSTEM

Certification Examinations