Question 66

During an incident response to a data breach in a company's AWS environment, a forensic investigator is tasked with analyzing and extracting data from different storage types for further examination. What would be the most appropriate and effective course of action given that Amazon S3, EBS, and EFS were used?
  • Question 67

    Which tool does the investigator use to extract artifacts left by Google Drive on the system?
  • Question 68

    Following an advanced persistent threat attack, a CHFI investigator is called in to acquire data from the compromised system. Given the wide range of potential data sources, the investigator needs to prioritize the order of data collection based on volatility. Which of the following would be the correct order to collect data in this scenario?
  • Question 69

    Which of the following attacks allows an attacker to acquire access to the communication channels between the victim and the server to extract information?
  • Question 70

    Jason, a renowned forensic investigator, is investigating a network attack that resulted in the compromise of several systems in a reputed multinational's network. He started Wireshark to capture the network traffic. Upon investigation, he found that the DNS packets travelling across the network belonged to a non-company configured IP. Which of the following attacks can Jason infer from his findings?