Spring Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Discussions
  3. ECCouncil
  4. ECIH
  5. 212-89 Discussions
  6. 212-89 Exam Topic 1 Question 5 Discussion

ECCouncil EC Council Certified Incident Handler (ECIH v3) 212-89 Question # 5 Topic 1 Discussion

 ECCouncil Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

ECCouncil EC Council Certified Incident Handler (ECIH v3) 212-89 Question # 5 Topic 1 Discussion

212-89 Exam Topic 1 Question 5 Discussion:
Question #: 5
Topic #: 1

Following a high-profile breach investigation at a multinational corporation, an incident handler is tasked with the critical role of preserving, packaging, and transporting digital evidence from a server believed to be compromised and utilized as part of a global botnet operation. The challenge lay not only in the technical complexities of the operation but also in adhering to stringent legal and procedural frameworks to ensure the evidence remained admissible in court. Which of the following options ensures the highest level of evidence integrity during its transport?
A.

On-site encryption of the server’s data, followed by its upload to secure cloud storage.

B.

Creating a forensic image of the server's drives, verifying image hashes, storing images on encrypted drives, and maintaining detailed transport logs.

C.

Encasing the server in anti-static packaging with chain-of-custody labels.

D.

Transferring server data to a new drive using a write blocker and GPS tracking.

Get Premium 212-89 Questions
Actual exam question for ECCouncil 212-89 exam by Rune4219 at Feb 18, 2026, 8:42:12 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next