You must contain a host that is suspected of effecting a violation of security policy. No methods of live evidence acquisition are available. What is your best course of action to preserve the integrity of evidence?
The best course of action to preserve the integrity of evidence is using software shut-down routine risks.
Software shut-down routine risks
If live memory acquisition cannot be accomplished, pulling the plug to end processes is the best course of action because using a software shut-down method runs the risk of altering data on the host disk.
Ideally, video documentation of this procedure would include a justification for the chosen course of action.
The effect of that risk may differ depending on how the shutdown has been arranged.
Delays, cost overruns, and lost productivity can be caused by a variety of factors, including a lack of knowledge, overly ambitious projections, uncertainty about the scope of the repairs required, and many others.
A system shutdown gets the system to a point where it is secure to turn the computer off.