🔥 3-day streak
CompTIA SecurityX (CAS-005)41 / 120
Question 41 of 120
During enterprise-scale incident response, a forensic analyst has collected disk images from five compromised hosts. Investigators need to reconstruct the exact sequence of attacker actions across filesystem metadata, registry hives, event logs, and browser artifacts to determine the initial access vector. Which approach best supports this reconstruction?
Reviewed for accuracy · Report an issueNext question