GIAC Certified Enterprise Defender GCED Question # 13 Topic 2 Discussion

GCED Exam Topic 2 Question 13 Discussion:

Question #: 13

Topic #: 2

Which command is the Best choice for creating a forensic backup of a Linux system?

Run form a bootable CD: tar cvzf image.tgz /

Run from compromised operating system: tar cvzf image.tgz /

Run from compromised operating system: dd if=/ dev/hda1 of=/mnt/backup/hda1.img

Run from a bootable CD: dd if=/dev/hda1 of=/mnt/backup/hda1.img

Get Premium GCED Questions

Actual exam question for GIAC GCED exam by Ember9605 at Aug 3, 2025, 12:00:00 AM

Chosen Answer: A B C D
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.