A cybersecurity investigator has identified a potential incident of hidden information in a file. The investigator uses Autopsy's Extension Mismatch Detector Module to look for file extension mismatches. While examining the module's output, which of the following information should be mainly considered to verify the potential incident?

A. The file's size

B. The first 20 bytes of the file

C. The file's timestamp

D. The last 20 bytes of the file








 

Suggested Answer: B

Community Answer: B



This question is in 312-49V10 EC-Council Computer Hacking Forensic Investigator (CHFI) v10 Exam
For getting EC-Council Computer Hacking Forensic Investigator (CHFI) Certificate







Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by EC-Council. 
Trademarks, certification & product names are used for reference only and belong to EC-Council.
The website does not contain actual questions and answers from EC-Council's Certification Exams.