Filters
Question type
Study Flashcards

Data may be hidden by all of the following methods EXCEPT


A) Using special characters in the actual name
B) Renaming to a common name used by the operating system
C) Encrypting the file
D) Password-protecting the file

E) None of the above
F) B) and C)

Correct Answer

verifed

verified

If volatile data must be acquired,you may need to do your analysis in a(n)


A) Trusted environment
B) Postmortem environment
C) Untrusted environment
D) Dead environment

E) A) and B)
F) A) and C)

Correct Answer

verifed

verified

________ data can include spreadsheets,databases,and word processing files.

Correct Answer

verifed

verified

Match the following types of files to their description. -Write blocker


A) Unique digital signature of data
B) Additional sectors created to fill a cluster
C) Application that prevents changes to a hard drive
D) Captures a "snapshot" of everything on the drive
E) Mathematical computations that validate a copy

F) A) and D)
G) A) and E)

Correct Answer

verifed

verified

Match the following investigative objectives to their proper chain of custody practices.

Premises
Scanner
Spoofer
Presumption of evidence
Document the activities
Password cracker
Anonymous remailer
Nuker
Preponderance of evidence
Proof beyond reasonable doubt
Presumption
Responses
Used to break encrypted password files
Create a copy without altering the original
Verify the integrity of the copy to the source
Perform the technical analysis while retaining its integrity
Used to identify services running on a network
Tools used to mask a person's online identity
Keep detailed records and photographs
Software used to destroy system log trails
Ensure fairness in the evaluation
Used to impersonate someone else's identity

Correct Answer

Scanner
Spoofer
Presumption of evidence
Document the activities
Password cracker
Anonymous remailer
Nuker
Preponderance of evidence
Proof beyond reasonable doubt
Presumption

Preserving e-evidence and good ________ of steps taken during the investigation are essential for success in computer crime cases.

Correct Answer

verifed

verified

Match the following forensic tools with their attributes. -UTK


A) The universal hexadecimal editor
B) Invaluable for combing through large amounts of data
C) Exclusively for Macs
D) AccessData tool designed for finding and examining evidence
E) Primarily for computer crime investigators

F) A) and E)
G) A) and D)

Correct Answer

verifed

verified

Under no circumstances should you attempt to create a forensically clean drive by simply ________ the drive.

Correct Answer

verifed

verified

A defensible approach is an objective and unbiased approach that


A) Is performed in accordance with forensic science principles
B) Is conducted with verified tools
C) Is documented thoroughly
D) All the above

E) A) and D)
F) All of the above

Correct Answer

verifed

verified

A forensics lab should have all of the following applications on hand EXCEPT


A) Microsoft Office versions
B) ClarisWorks
C) Peachtree Accounting
D) Visual Basic

E) All of the above
F) A) and C)

Correct Answer

verifed

verified

Which factor(s) determine the type of tools needed for an analysis?


A) The environment
B) The power sources available where the analysis will be done
C) The make of the equipment to be analyzed
D) None of the above

E) A) and B)
F) All of the above

Correct Answer

verifed

verified

A(n)________ can cause MD5 hashes to be different if different tools are used to acquire a disk image.

Correct Answer

verifed

verified

You may need to do a(n)________ analysis during a hacker attack or other intrusion.

Correct Answer

verifed

verified

A forensics lab is typically considered to be a(n)________ environment.

Correct Answer

verifed

verified

Which of the following does NOT affect the choice of forensic tool(s) for a case?


A) The operating system
B) State of the data
C) Availability of an expert witness
D) Domestic and international laws

E) A) and B)
F) None of the above

Correct Answer

verifed

verified

The first step in analyzing data is to _________ it.

Correct Answer

verifed

verified

Match the following forensic tools with their attributes. -FTK


A) The universal hexadecimal editor
B) Invaluable for combing through large amounts of data
C) Exclusively for Macs
D) AccessData tool designed for finding and examining evidence
E) Primarily for computer crime investigators

F) B) and C)
G) B) and D)

Correct Answer

verifed

verified

Match the following forensic tools with their attributes. -Sleuth Kit


A) Investigates the contents of BlackBerry devices
B) Graphical user interface consists of a series of panes
C) Safely and easily images Mac drives
D) Reads the first 32 bits of a file to identify its type
E) Open-source program that runs on UNIX plattorms

F) A) and B)
G) A) and D)

Correct Answer

verifed

verified

Match the following forensic tools with their attributes. -dtSearch


A) The universal hexadecimal editor
B) Invaluable for combing through large amounts of data
C) Exclusively for Macs
D) AccessData tool designed for finding and examining evidence
E) Primarily for computer crime investigators

F) B) and E)
G) A) and C)

Correct Answer

verifed

verified

________ is another name for the security key you need to access a system when using EnCase.

Correct Answer

verifed

verified

Showing 21 - 40 of 50

Related Exams

Exam 1

Forensic Evidence and Crime Investigation

40 Questions

Exam 2

Computer Forensics Anddigital Detective Work

32 Questions

Exam 4

Policies and Procedures

66 Questions

Exam 5

Data, PDA, and Cell Phone Forensics

46 Questions

Exam 6

Operating Systems and Data Transmission Basics for Digital Investigations

54 Questions

Exam 7

Investigating Windows, linux, and Graphic Files

59 Questions

Exam 8

E-Mail and Webmail Forensics

49 Questions

Exam 9

Internet and Network Forensics and Intrusion Detection

41 Questions

Exam 10

Tracking Down Those Who Intend to Do Harm on a Large Scale

40 Questions

Exam 11

Fraud and Forensic Accounting Investigation

41 Questions

Exam 12

Federal Rules and Criminal Codes

51 Questions

Exam 13

Ethical and Professional Responsibility in Testimony

31 Questions

Show Answer