Which of the following is not part of the SANS six$-$part methodology for memory analysis?

a$.$ Dump suspicious processes and drivers

b$.$ Review network artifacts

c$.$ Identify rogue processes

d$.$ Review NetFlow records

QUESTION $2$

What are some of the data points that can be found via memory analysis?

a$.$ Running processes

b$.$ Network connection

c$.$ Command history

d$.$ All of the above

QUESTION $3$

Which of the following is a Window GUI tool used for memory forensics and developed by Mandiant?

a$.$ Volatility

b$.$ Strings

c$.$ Redline

d$.$ EnCase