Posted by: Pdfprep
Post Date: November 3, 2020
A forensic analyst receives a hard drive containing malware quarantined by the antivirus application. After creating an image and determining the directory location of the malware file, which of the following helps to determine when the system became infected?
A . The malware file’s modify, access, change time properties.
B . The timeline analysis of the file system.
C . The time stamp of the malware in the swap file.
D . The date/time stamp of the malware detection in the antivirus logs.
Answer: B
Leave a Reply