WGU D431 OA COMPUTER FORENSICS
STUDY GUIDE 2026 EXAM PREP
QUESTIONS AND SOLVED ANSWERS
⫸ Anonymous remailing. Answer: The process of sending an email
message to an anonymizer. The anonymizer strips identifying
information from an email message before forwarding it with the
anonymous mailing computer's IP address.
⫸ Anti-forensics. Answer: The actions that perpetrators take to conceal
their locations, activities, or identities.
⫸ Asymmetric cryptography. Answer: Cryptography wherein two keys
are used: one to encrypt the message and another to decrypt it.
⫸ Asynchronous transfer mode (ATM). Answer: A high-speed
connection technology that uses fixed-length, 53-byte packets called
calls.
⫸ Authenticate. Answer: To verify the identity of a person, or to verify
evidence.
⫸ Base transceiver station (BTS). Answer: The part of the cell network
responsible for communications between the mobile phone and the
network switching system.
,⫸ Basic input/output system (BIOS). Answer: The basic instructions
stored on a chip for booting up the computer.
⫸ Bit-level information. Answer: Information at the level of actual 1s
and 0s stored in memory or on the storage device.
⫸ Block cipher. Answer: A form of cryptography that encrypts data in
blocks; 64-bit blocks are quite common, although some algorithms (like
AES) use larger blocks.
⫸ Bootstrap environment. Answer: A special program, such as U-Boot
or RedBoot, that is stored in a special section of the flash memory.
⫸ Brute-force attack. Answer: An attack in which the attacker tries to
decrypt a message by simply applying every possible key in the
keyspace.
⫸ Business continuity plan (BCP). Answer: A plan for maintaining
minimal operations until the business can return to full normal
operations.
⫸ Business impact analysis (BIA). Answer: An analysis of how specific
incidents might impact the business operations.
⫸ Caesar cipher. Answer: The method of cryptography in which
someone chooses a number by which to shift each letter of a text in the
,alphabet and substitute the new letter for the letter being encrypted. This
is also known as a Mono alphabet, single-alphabet, or substitution
cipher.
⫸ Carrier. Answer: The signal, stream, or data file in which the payload
is hidden.
⫸ Cell-phone forensics. Answer: The process of searching the contents
of cell phones.
⫸ Chain of custody. Answer: The continuity of control of evidence that
makes it possible to account for all that has happened to evidence
between its original collection and its appearance in court, preferably
unaltered.
⫸ Channel. Answer: The type of medium used to hide data in
steganography. This may be photos, video, sound files, or Voice over IP.
⫸ Clean room. Answer: An environment that has a controlled level of
contamination, such as from dust, microbes, and other particles.
⫸ Cloud computing. Answer: The practice of delivering hosted services
over the internet. This can be software as a service, platform as a
service, or infrastructure as a service.
, ⫸ Computer forensics. Answer: The use of analytical and investigative
techniques to identify, collect, examine, and preserve computer-based
material for presentation as evidence in a court of law.
⫸ Consistency checking. Answer: A technique for file system repair
that involves scanning a disk's logical structure and ensuring that it is
consistent with its specification.
⫸ Cryptanalysis. Answer: A method of using techniques other than
brute force to derive a cryptographic key.
⫸ Curriculum vitae (CV). Answer: An extensive document expounding
one's experience and qualifications for a position, similar to a résumé but
with more detail. In academia and expert work, it is usually used rather
than a résumé.
⫸ Cyberstalking. Answer: The use of electronic communications to
harass or threaten another person.
⫸ Data consistency. Answer: The act of ensuring the data that is
extracted is consistent.
⫸ Daubert standard. Answer: The standard holding that only methods
and tools widely accepted in the scientific community can be used in
court.
STUDY GUIDE 2026 EXAM PREP
QUESTIONS AND SOLVED ANSWERS
⫸ Anonymous remailing. Answer: The process of sending an email
message to an anonymizer. The anonymizer strips identifying
information from an email message before forwarding it with the
anonymous mailing computer's IP address.
⫸ Anti-forensics. Answer: The actions that perpetrators take to conceal
their locations, activities, or identities.
⫸ Asymmetric cryptography. Answer: Cryptography wherein two keys
are used: one to encrypt the message and another to decrypt it.
⫸ Asynchronous transfer mode (ATM). Answer: A high-speed
connection technology that uses fixed-length, 53-byte packets called
calls.
⫸ Authenticate. Answer: To verify the identity of a person, or to verify
evidence.
⫸ Base transceiver station (BTS). Answer: The part of the cell network
responsible for communications between the mobile phone and the
network switching system.
,⫸ Basic input/output system (BIOS). Answer: The basic instructions
stored on a chip for booting up the computer.
⫸ Bit-level information. Answer: Information at the level of actual 1s
and 0s stored in memory or on the storage device.
⫸ Block cipher. Answer: A form of cryptography that encrypts data in
blocks; 64-bit blocks are quite common, although some algorithms (like
AES) use larger blocks.
⫸ Bootstrap environment. Answer: A special program, such as U-Boot
or RedBoot, that is stored in a special section of the flash memory.
⫸ Brute-force attack. Answer: An attack in which the attacker tries to
decrypt a message by simply applying every possible key in the
keyspace.
⫸ Business continuity plan (BCP). Answer: A plan for maintaining
minimal operations until the business can return to full normal
operations.
⫸ Business impact analysis (BIA). Answer: An analysis of how specific
incidents might impact the business operations.
⫸ Caesar cipher. Answer: The method of cryptography in which
someone chooses a number by which to shift each letter of a text in the
,alphabet and substitute the new letter for the letter being encrypted. This
is also known as a Mono alphabet, single-alphabet, or substitution
cipher.
⫸ Carrier. Answer: The signal, stream, or data file in which the payload
is hidden.
⫸ Cell-phone forensics. Answer: The process of searching the contents
of cell phones.
⫸ Chain of custody. Answer: The continuity of control of evidence that
makes it possible to account for all that has happened to evidence
between its original collection and its appearance in court, preferably
unaltered.
⫸ Channel. Answer: The type of medium used to hide data in
steganography. This may be photos, video, sound files, or Voice over IP.
⫸ Clean room. Answer: An environment that has a controlled level of
contamination, such as from dust, microbes, and other particles.
⫸ Cloud computing. Answer: The practice of delivering hosted services
over the internet. This can be software as a service, platform as a
service, or infrastructure as a service.
, ⫸ Computer forensics. Answer: The use of analytical and investigative
techniques to identify, collect, examine, and preserve computer-based
material for presentation as evidence in a court of law.
⫸ Consistency checking. Answer: A technique for file system repair
that involves scanning a disk's logical structure and ensuring that it is
consistent with its specification.
⫸ Cryptanalysis. Answer: A method of using techniques other than
brute force to derive a cryptographic key.
⫸ Curriculum vitae (CV). Answer: An extensive document expounding
one's experience and qualifications for a position, similar to a résumé but
with more detail. In academia and expert work, it is usually used rather
than a résumé.
⫸ Cyberstalking. Answer: The use of electronic communications to
harass or threaten another person.
⫸ Data consistency. Answer: The act of ensuring the data that is
extracted is consistent.
⫸ Daubert standard. Answer: The standard holding that only methods
and tools widely accepted in the scientific community can be used in
court.
