What tool would be suitable for gathering volatile database information for evidence of an attack?

Prepare for the EC-Council Certified Incident Handler Test with an interactive quiz. Study with flashcards, MCQs, hints, and explanations. Ace your test!

ApexSQL DBA's ApexSQL audit application is a suitable tool for gathering volatile database information as evidence of an attack. It is designed specifically for auditing SQL Server databases: it monitors SQL Server activity, tracks changes, and generates detailed reports about database transactions. In incident response, gathering evidence quickly and efficiently is paramount, and this application lets handlers capture and analyze real-time data changes, which is critical in the volatile period following an attack.

On the other hand, a Database Consistency Checker may be useful for ensuring data integrity but does not provide the real-time monitoring or auditing capabilities necessary for incident handling. Notepad, being merely a text editor, lacks any functionality geared toward database management or forensic retrieval and is ineffective for gathering evidence. Although SQL Server Profiler can be effective for tracing SQL Server events, it is not as specialized for auditing purposes as the ApexSQL audit application, which focuses on compliance and forensic evidence collection, making it more appropriate for this scenario.
