2
WGU C702 CHFI and OA Exam with precise detailed
|| || || || || || || || ||
solutions
Which of the following is true regarding computer forensics? - ✔✔Computer forensics deals with
|| || || || || || || || || || || || ||
the process of finding evidence related to a digital crime to find the culprits and initiate legal
|| || || || || || || || || || || || || || || || || ||
action against them.|| ||
Which of the following is NOT a objective of computer forensics? - ✔✔Document vulnerabilities
|| || || || || || || || || || || || ||
allowing further loss of intellectual property, finances, and reputation during an attack.
|| || || || || || || || || || || ||
Which of the following is true regarding Enterprise Theory of Investigation (ETI)? - ✔✔It adopts
|| || || || || || || || || || || || || || ||
a holistic approach toward any criminal activity as a criminal operation rather as a single criminal
|| || || || || || || || || || || || || || || ||
act.
Forensic readiness refers to: - ✔✔An organization's ability to make optimal use of digital
|| || || || || || || || || || || || || ||
evidence in a limited time period and with minimal investigation costs.
|| || || || || || || || || ||
Which of the following is NOT a element of cybercrime? - ✔✔Evidence smaller in size.
|| || || || || || || || || || || || || ||
Which of the following is true of cybercrimes? - ✔✔Investigators, with a warrant, have the
|| || || || || || || || || || || || || || ||
authority to forcibly seize the computing devices.
|| || || || || ||
Which of the following is true of cybercrimes? - ✔✔The initial reporting of the evidence is
|| || || || || || || || || || || || || || || ||
usually informal. ||
Which of the following is NOT a consideration during a cybercrime investigation? - ✔✔Value or
|| || || || || || || || || || || || || || ||
cost to the victim.
|| || ||
Which of the following is a user-created source of potential evidence? - ✔✔Address book.
|| || || || || || || || || || || || ||
,2
Which of the following is a computer-created source of potential evidence? - ✔✔Swap file.
|| || || || || || || || || || || || ||
Which of the following is NOT where potential evidence may be located? - ✔✔Processor.
|| || || || || || || || || || || || ||
Under which of the following conditions will duplicate evidence NOT suffice? - ✔✔When
|| || || || || || || || || || || || ||
original evidence is in possession of the originator.
|| || || || || || ||
Which of the following Federal Rules of Evidence governs proceedings in the courts of the
|| || || || || || || || || || || || || || ||
United States? - ✔✔Rule 101. || || || ||
Which of the following Federal Rules of Evidence ensures that the truth may be ascertained and
|| || || || || || || || || || || || || || || ||
the proceedings justly determined? - ✔✔Rule 102.
|| || || || || ||
Which of the following Federal Rules of Evidence contains rulings on evidence? - ✔✔Rule 103
|| || || || || || || || || || || || || ||
Which of the following Federal Rules of Evidence states that the court shall restrict the evidence
|| || || || || || || || || || || || || || || ||
to its proper scope and instruct the jury accordingly? - ✔✔Rule 105
|| || || || || || || || || || ||
Which of the following refers to a set of methodological procedures and techniques to identify,
|| || || || || || || || || || || || || || ||
gather, preserve, extract, interpret, document, and present evidence from computing equipment in
|| || || || || || || || || || || ||
such a manner that the discovered evidence is acceptable during a legal and/or administrative
|| || || || || || || || || || || || || ||
proceeding in a court of law? - ✔✔Computer Forensics. || || || || || || || ||
Computer Forensics deals with the process of finding _____ related to a digital crime to find the
|| || || || || || || || || || || || || || || || ||
culprits and initiate legal action against them. - ✔✔Evidence.
|| || || || || || || ||
Minimizing the tangible and intangible losses to the organization or an individual is considered an
|| || || || || || || || || || || || || ||
essential computer forensics use. - ✔✔True.
|| || || || || ||
, 2
Cybercrimes can be classified into the following two types of attacks, based on the line of attack. -
|| || || || || || || || || || || || || || || || ||
✔✔Internal and External.
|| || ||
Espionage, theft of intellectual property, manipulation of records, and trojan horse attacks are
|| || || || || || || || || || || || ||
examples of what? - ✔✔Insider attack or primary attacks. || || || || || || || ||
External attacks occur when there are inadequate information-security policies and procedures. -
|| || || || || || || || || || || ||
✔✔True.
Which type of cases involve disputes between two parties? - ✔✔Civil.
|| || || || || || || || || ||
A computer forensic examiner can investigate any crime as long as he or she takes detailed notes
|| || || || || || || || || || || || || || || || ||
and follows the appropriate processes. - ✔✔False.
|| || || || || ||
________ is the standard investigative model used by the FBI when conducting investigations
|| || || || || || || || || || || || ||
against major criminal organizations. - ✔✔Enterprise Theory of Investigation (ETI).
|| || || || || || || || ||
Forensic readiness includes technical and nontechnical actions that maximize an organization's
|| || || || || || || || || || ||
competence to use digital evidence. - ✔✔True. || || || || || ||
Which of the following is the process of developing a strategy to address the occurrence of any
|| || || || || || || || || || || || || || || || ||
security breach in the system or network? - ✔✔Incident Response.
|| || || || || || || || ||
Digital devices store data about session such as user and type of connection. - ✔✔True.
|| || || || || || || || || || || || || ||
Codes of ethics are the principles stated to describe the expected behavior of an investigator while
|| || || || || || || || || || || || || || ||
handling a case. Which of the following is NOT a principle that a computer forensic investigator
|| || || || || || || || || || || || || || || || ||
must follow? - ✔✔Provide personal or prejudiced opinions.
|| || || || || || ||
WGU C702 CHFI and OA Exam with precise detailed
|| || || || || || || || ||
solutions
Which of the following is true regarding computer forensics? - ✔✔Computer forensics deals with
|| || || || || || || || || || || || ||
the process of finding evidence related to a digital crime to find the culprits and initiate legal
|| || || || || || || || || || || || || || || || || ||
action against them.|| ||
Which of the following is NOT a objective of computer forensics? - ✔✔Document vulnerabilities
|| || || || || || || || || || || || ||
allowing further loss of intellectual property, finances, and reputation during an attack.
|| || || || || || || || || || || ||
Which of the following is true regarding Enterprise Theory of Investigation (ETI)? - ✔✔It adopts
|| || || || || || || || || || || || || || ||
a holistic approach toward any criminal activity as a criminal operation rather as a single criminal
|| || || || || || || || || || || || || || || ||
act.
Forensic readiness refers to: - ✔✔An organization's ability to make optimal use of digital
|| || || || || || || || || || || || || ||
evidence in a limited time period and with minimal investigation costs.
|| || || || || || || || || ||
Which of the following is NOT a element of cybercrime? - ✔✔Evidence smaller in size.
|| || || || || || || || || || || || || ||
Which of the following is true of cybercrimes? - ✔✔Investigators, with a warrant, have the
|| || || || || || || || || || || || || || ||
authority to forcibly seize the computing devices.
|| || || || || ||
Which of the following is true of cybercrimes? - ✔✔The initial reporting of the evidence is
|| || || || || || || || || || || || || || || ||
usually informal. ||
Which of the following is NOT a consideration during a cybercrime investigation? - ✔✔Value or
|| || || || || || || || || || || || || || ||
cost to the victim.
|| || ||
Which of the following is a user-created source of potential evidence? - ✔✔Address book.
|| || || || || || || || || || || || ||
,2
Which of the following is a computer-created source of potential evidence? - ✔✔Swap file.
|| || || || || || || || || || || || ||
Which of the following is NOT where potential evidence may be located? - ✔✔Processor.
|| || || || || || || || || || || || ||
Under which of the following conditions will duplicate evidence NOT suffice? - ✔✔When
|| || || || || || || || || || || || ||
original evidence is in possession of the originator.
|| || || || || || ||
Which of the following Federal Rules of Evidence governs proceedings in the courts of the
|| || || || || || || || || || || || || || ||
United States? - ✔✔Rule 101. || || || ||
Which of the following Federal Rules of Evidence ensures that the truth may be ascertained and
|| || || || || || || || || || || || || || || ||
the proceedings justly determined? - ✔✔Rule 102.
|| || || || || ||
Which of the following Federal Rules of Evidence contains rulings on evidence? - ✔✔Rule 103
|| || || || || || || || || || || || || ||
Which of the following Federal Rules of Evidence states that the court shall restrict the evidence
|| || || || || || || || || || || || || || || ||
to its proper scope and instruct the jury accordingly? - ✔✔Rule 105
|| || || || || || || || || || ||
Which of the following refers to a set of methodological procedures and techniques to identify,
|| || || || || || || || || || || || || || ||
gather, preserve, extract, interpret, document, and present evidence from computing equipment in
|| || || || || || || || || || || ||
such a manner that the discovered evidence is acceptable during a legal and/or administrative
|| || || || || || || || || || || || || ||
proceeding in a court of law? - ✔✔Computer Forensics. || || || || || || || ||
Computer Forensics deals with the process of finding _____ related to a digital crime to find the
|| || || || || || || || || || || || || || || || ||
culprits and initiate legal action against them. - ✔✔Evidence.
|| || || || || || || ||
Minimizing the tangible and intangible losses to the organization or an individual is considered an
|| || || || || || || || || || || || || ||
essential computer forensics use. - ✔✔True.
|| || || || || ||
, 2
Cybercrimes can be classified into the following two types of attacks, based on the line of attack. -
|| || || || || || || || || || || || || || || || ||
✔✔Internal and External.
|| || ||
Espionage, theft of intellectual property, manipulation of records, and trojan horse attacks are
|| || || || || || || || || || || || ||
examples of what? - ✔✔Insider attack or primary attacks. || || || || || || || ||
External attacks occur when there are inadequate information-security policies and procedures. -
|| || || || || || || || || || || ||
✔✔True.
Which type of cases involve disputes between two parties? - ✔✔Civil.
|| || || || || || || || || ||
A computer forensic examiner can investigate any crime as long as he or she takes detailed notes
|| || || || || || || || || || || || || || || || ||
and follows the appropriate processes. - ✔✔False.
|| || || || || ||
________ is the standard investigative model used by the FBI when conducting investigations
|| || || || || || || || || || || || ||
against major criminal organizations. - ✔✔Enterprise Theory of Investigation (ETI).
|| || || || || || || || ||
Forensic readiness includes technical and nontechnical actions that maximize an organization's
|| || || || || || || || || || ||
competence to use digital evidence. - ✔✔True. || || || || || ||
Which of the following is the process of developing a strategy to address the occurrence of any
|| || || || || || || || || || || || || || || || ||
security breach in the system or network? - ✔✔Incident Response.
|| || || || || || || || ||
Digital devices store data about session such as user and type of connection. - ✔✔True.
|| || || || || || || || || || || || || ||
Codes of ethics are the principles stated to describe the expected behavior of an investigator while
|| || || || || || || || || || || || || || ||
handling a case. Which of the following is NOT a principle that a computer forensic investigator
|| || || || || || || || || || || || || || || || ||
must follow? - ✔✔Provide personal or prejudiced opinions.
|| || || || || || ||
