Which practice is recommended regarding antivirus scanning on a forensic workstation?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Enhance your knowledge as a Computer Hacking Forensic Investigator with the CHFI v11 Test. Use flashcards and multiple-choice questions, complete with hints and detailed explanations, to prepare effectively and ace your exam!

Multiple Choice

Which practice is recommended regarding antivirus scanning on a forensic workstation?

Explanation:
Ensuring a trusted, known-good environment is essential for forensic work. Running antivirus on the forensics workstation before you begin helps confirm the system is not compromised and cannot introduce malware or alter evidence during analysis. Scanning the suspect drive first can risk modifying data with quarantine actions or other changes; scanning during an investigation every few minutes is excessive and impractical; and avoiding scans on the workstation entirely would leave you blind to threats. By starting with a clean baseline, you protect the integrity of your tools and the evidence you handle throughout the case.

Ensuring a trusted, known-good environment is essential for forensic work. Running antivirus on the forensics workstation before you begin helps confirm the system is not compromised and cannot introduce malware or alter evidence during analysis. Scanning the suspect drive first can risk modifying data with quarantine actions or other changes; scanning during an investigation every few minutes is excessive and impractical; and avoiding scans on the workstation entirely would leave you blind to threats. By starting with a clean baseline, you protect the integrity of your tools and the evidence you handle throughout the case.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy