You have been asked to conduct a forensic analysis of a Linux machine. You are in the command-line and you need to make an unchanged copy of the data on hard drive. What command-line utility can you use to accomplish this task?
Correct Incorrect Unanswered Report Issue Answer Description
“dd” is a command-line utility for Linux distributions that allows the user to copy data from a drive to another drive while ensuring that the data is unchanged.
Wikipedia
dd is a command-line utility for Unix, Plan 9, Inferno, and Unix-like operating systems and beyond, the primary purpose of which is to convert and copy files. On Unix, device drivers for hardware (such as hard disk drives) and special device files (such as /dev/zero and /dev/random) appear in the file system just like normal files; dd can also read and/or write from/to these files, provided that function is implemented in their respective driver. As a result, dd can be used for tasks such as backing up the boot sector of a hard drive, and obtaining a fixed amount of random data. The dd program can also perform conversions on the data as it is copied, including byte order swapping and conversion to and from the ASCII and EBCDIC text encodings.
Dd_(Unix) - Wikipedia, the free encyclopedia Subscribe to avoid duplicate questions and track your progress over time