CompTIA Security+ (SY0-601) - Incident Response and Forensics | Questions & Answers 100% Correct | Newest Update 2025
Internet Protocol Flow Information Export (IPFIX) - ✔✔A universal standard of export
for Internet Protocol flow information from routers, probes and other devices that are
used by mediation systems, accounting/billing systems and network management
systems to facilitate services such as measurement, accounting and billing by defining
how IP flow information is to be formatted and transferred from an exporter to a
collector
Metadata - ✔✔Data that describes other data by providing an underlying definition
or description by summarizing basic information about data that makes finding and
working with particular instances of data easier.
Reporting - ✔✔Create a report of the methods and tools used in the investigation
and present detailed findings and conclusions based on the analysis
Legal Hold - ✔✔A process designed to preserve all relevant information when
litigation is reasonably expected to occur.
Timeline - ✔✔A tool that shows the sequence of file system events within a source
image in a graphical format
Data acquisition - ✔✔The method and tools used to create a forensically sound copy
of data from a source device, such as system memory or a hard disk
tracert/traceroute - ✔✔A network diagnostic command for displaying possible routes
and measuring transit delays of packets across an Internet Protocol network
nslookup/dig - ✔✔Utility used to determine the IP address associated with a domain
name, obtain the mail server settings for a domain, and other DNS information
ipconfig/ifconfig - ✔✔Utility that displays all the network configurations of the
currently connected network devices and can modify the DHCP and DNS settings
Nmap - ✔✔An open-source network scanner that is used to discover hosts and
services on a computer network by sending packets and analyzing their responses
ping/pathping - ✔✔Utility used to determine if a host is reachable on an Internet
Protocol network
hping - ✔✔An open-source packet generator and analyzer for the TCP/IP protocol
that is used for security auditing and testing of firewalls and networks
netstat - ✔✔Utility that displays network connections for Transmission Control
Protocol, routing tables, and a number of network interface and network protocol
statistics
arp - ✔✔Utility for viewing and modifying the local Address Resolution Protocol (ARP)
cache on a given host or server
route - ✔✔Utility that is used to view and manipulate the IP routing table on a host
or server