CertNexus Certified Cyber Secure Coder (CSC) — Question 68

During the forensic analysis of a compromised computer image, the investigator found that critical files are missing, caches have been cleared, and the history and event log files are empty. According to this scenario, which of the following techniques is the suspect using?

Answer options

• A. System hardening techniques
• B. System optimization techniques
• C. Defragmentation techniques
• D. Anti-forensic techniques

Correct answer: D

Explanation

The correct answer is D, as anti-forensic techniques are specifically used to obstruct forensic investigations by deleting or altering critical data such as logs and caches. Options A, B, and C do not align with the actions taken by the suspect since system hardening, optimization, and defragmentation are generally aimed at improving system security or performance, not concealing evidence.