Which of the following is a common source within a system that can retain data before it is swapped in memory?

Prepare for the Computer Hacking Forensic Investigator v11 exam. Study with flashcards and multiple choice questions. Each question includes hints and explanations. Get exam-ready efficiently!

Multiple Choice

Which of the following is a common source within a system that can retain data before it is swapped in memory?

Explanation:
When a system uses virtual memory, the operating system moves memory pages out to a disk-based swap file when RAM is full. Those pages on disk can contain data that was just in memory, including contents of documents or sensitive information, and they stay there until swapped back in. Because the swap file holds this memory-resident data, it’s a common forensic source for recovering what was in RAM before it was swapped in again. The other options relate to separate data stores: the SAM file contains user account information, a data file is a generic data container, and a log file records events. None of these specifically preserve memory contents as the swap file does.

