Q:
Digital forensics is commonly applied to which of the following activities?
Q:
NIST includes which three (3) as steps in collecting data? (Select 3)
Q:
What is the primary purpose of maintaining a chain of custody?
Q:
True or False. A digital forensics report is a summary of your findings. If your case goes to trial, your testimony can, and usually does, involve far more detail than is in the report.
Q:
True or False. Digital forensics has been used to solve a number of high-profile violent crimes.
Q:
Which section of a digital forensics report would include using the best practices of taking lots of screenshots, using the built-in logging options of your digital forensics tools, and exporting key data items into a .csv or .txt file?
Q:
Which types of files are appropriate subjects for forensic analysis?
Q:
Deleting a file results in what action by most operating systems?
Q:
Forensic analysis should always be conducted on a copy of the original data. What type of copying is appropriate for getting data from a live system that cannot be taken offline?
Q:
How does a forensic analysis use hash sets acquired from NIST’s Software Reference Library project?
Q:
Which three (3) of the following data types are considered non-volatile? (Select 3)
Q:
Configuration files are considered which data type?
Q:
True or False. When collecting forensic data from a running system, you should always attempt to collect non-volatile data first.
Q:
Which three (3) of the following are application components? (Select 3)
Q:
Which of these applications would likely be of the least interest in a forensic analysis?
Q:
The Internet layer of the TCP/IP stack, also known as the Network layer in the OSI model, contains which two (2) protocols that are very useful to a forensic investigation? (Select 2)
Q:
Which device would you inspect if you were looking for event data correlated across a number of different network devices?
Q:
Which of these sources might require a court order in order to obtain the data for forensic analysis?