2
D431 - Digital Forensics, Investigation, and || || || || || ||
Response - Chapters Test questions with solutions || || || || || ||
In a computer forensics investigation, this describes the route that evidence takes from the time
|| || || || || || || || || || || || || || ||
you find it until the case is closed or goes to court.
|| || || || || || || || || || ||
Chain of custody || ||
|| || ||
If the computer is turned on when you arrive, what does the Secret Service recommend you do?
|| || || || || || || || || || || || || || || ||
Shut the computer down according to the recommended Secret Service procedure.
|| || || || || || || || || ||
|| || ||
Why should you note all cable connections for a computer you want to seize as evidence?
|| || || || || || || || || || || || || || ||
In case other devices were connected
|| || || || ||
|| || ||
What is the essence of the Daubert standard?
|| || || || || || ||
That only tools or techniques that have been accepted by the scientific community are admissible
|| || || || || || || || || || || || || || ||
at trial ||
|| || ||
When cataloging digital evidence, the primary goal is to do what?
|| || || || || || || || || ||
Preserve evidence integrity. || ||
|| || ||
,2
Which of the following is important to the investigator regarding logging?
|| || || || || || || || || ||
All of the above || || ||
|| || ||
Your roommate can give consent to search your computer.
|| || || || || || || ||
False
1 multiple choice option
|| || ||
Evidence need not be locked if it is at a police station.
|| || || || || || || || || || ||
False
1 multiple choice option
|| || ||
When investigating a virus, what is the first step?
|| || || || || || || ||
Document the virus. || ||
|| || ||
Which of the following crimes is most likely to leave email evidence?
|| || || || || || || || || || ||
Cyberstalking
|| || ||
Where would you seek evidence that Ophcrack had been used on a Windows Server 2008
|| || || || || || || || || || || || || || ||
machine?
In the logs of the server; look for the reboot of the system
|| || || || || || || || || || || ||
|| || ||
, 2
Logic bombs are often perpetrated by _________.
|| || || || || ||
Disgruntled employees ||
|| || ||
Spyware is legal. || ||
True
1 multiple choice option
|| || ||
It is legal for employers to monitor work computers.
|| || || || || || || ||
True
1 multiple choice option
|| || ||
What is the primary reason to take cyberstalking seriously?
|| || || || || || || ||
It can be a prelude to real-world violence.
|| || || || || || ||
|| || ||
What is the starting point for investigating denial-of-service attacks?
|| || || || || || || ||
Tracing the packets || ||
|| || ||
To preserve digital evidence, an investigator should ______.
|| || || || || || ||
Make two copies of each evidence item using different imaging tools
|| || || || || || || || || ||
D431 - Digital Forensics, Investigation, and || || || || || ||
Response - Chapters Test questions with solutions || || || || || ||
In a computer forensics investigation, this describes the route that evidence takes from the time
|| || || || || || || || || || || || || || ||
you find it until the case is closed or goes to court.
|| || || || || || || || || || ||
Chain of custody || ||
|| || ||
If the computer is turned on when you arrive, what does the Secret Service recommend you do?
|| || || || || || || || || || || || || || || ||
Shut the computer down according to the recommended Secret Service procedure.
|| || || || || || || || || ||
|| || ||
Why should you note all cable connections for a computer you want to seize as evidence?
|| || || || || || || || || || || || || || ||
In case other devices were connected
|| || || || ||
|| || ||
What is the essence of the Daubert standard?
|| || || || || || ||
That only tools or techniques that have been accepted by the scientific community are admissible
|| || || || || || || || || || || || || || ||
at trial ||
|| || ||
When cataloging digital evidence, the primary goal is to do what?
|| || || || || || || || || ||
Preserve evidence integrity. || ||
|| || ||
,2
Which of the following is important to the investigator regarding logging?
|| || || || || || || || || ||
All of the above || || ||
|| || ||
Your roommate can give consent to search your computer.
|| || || || || || || ||
False
1 multiple choice option
|| || ||
Evidence need not be locked if it is at a police station.
|| || || || || || || || || || ||
False
1 multiple choice option
|| || ||
When investigating a virus, what is the first step?
|| || || || || || || ||
Document the virus. || ||
|| || ||
Which of the following crimes is most likely to leave email evidence?
|| || || || || || || || || || ||
Cyberstalking
|| || ||
Where would you seek evidence that Ophcrack had been used on a Windows Server 2008
|| || || || || || || || || || || || || || ||
machine?
In the logs of the server; look for the reboot of the system
|| || || || || || || || || || || ||
|| || ||
, 2
Logic bombs are often perpetrated by _________.
|| || || || || ||
Disgruntled employees ||
|| || ||
Spyware is legal. || ||
True
1 multiple choice option
|| || ||
It is legal for employers to monitor work computers.
|| || || || || || || ||
True
1 multiple choice option
|| || ||
What is the primary reason to take cyberstalking seriously?
|| || || || || || || ||
It can be a prelude to real-world violence.
|| || || || || || ||
|| || ||
What is the starting point for investigating denial-of-service attacks?
|| || || || || || || ||
Tracing the packets || ||
|| || ||
To preserve digital evidence, an investigator should ______.
|| || || || || || ||
Make two copies of each evidence item using different imaging tools
|| || || || || || || || || ||
