WGU Master’s Course C702 – Forensics and Network
Intrusion 2026–2027 | Complete Solution Guide | Verified
Questions & Correct Answers | Advanced Digital
Forensics & Cybersecurity Exam Prep
THIS EXAM CONTAINS:
• Digital forensics investigation procedures and methodologies
• Objective Assessment (OA) preparation materials and practice questions
• Exam-focused practice for first-attempt success and competency mastery
• Updated 2026–2027 cybersecurity concepts aligned with WGU C702
competencies
• Complete WGU C702 Forensics and Network Intrusion study solutions
• Verified questions and accurate answer explanations
,WGU Master’s Course C702
1. A software company suspects that employees have set up
automatic corporate email forwarding to their personal inboxes
against company policy. The company hires forensic investigators to
identify the employees violating policy, with the intention of issuing
warnings to them.
Which type of cybercrime investigation approach is this company
taking?
• A) Civil
• B) Criminal
• C) Administrative
• D) Punitive
Answer: C
2. Which model or legislation applies a holistic approach toward any
criminal activity as a criminal operation?
• A) Enterprise Theory of Investigation
• B) Racketeer Influenced and Corrupt Organizations Act
• C) Evidence Examination
• D) Law Enforcement Cyber Incident Reporting
Answer: A
3. What does a forensic investigator need to obtain before seizing a
computing device in a criminal case?
, • A) Court warrant
• B) Completed crime report
• C) Chain of custody document
• D) Plaintiff's permission
Answer: A
4. Which activity should be used to check whether an application has
ever been installed on a computer?
• A) Penetration test
• B) Risk analysis
• C) Log review
• D) Security review
Answer: C
5. Which characteristic describes an organization's forensic readiness
in the context of cybercrimes?
• A) It includes moral considerations.
• B) It includes cost considerations.
• C) It excludes nontechnical actions.
• D) It excludes technical actions.
Answer: B
, 6. A cybercrime investigator identifies a Universal Serial Bus (USB)
memory stick containing emails as a primary piece of evidence.
Who must sign the chain of custody document once the USB stick is in
evidence?
• A) Those who obtain access to the device
• B) Anyone who has ever used the device
• C) Recipients of emails on the device
• D) Authors of emails on the device
Answer: A
7. Which type of attack is a denial-of-service technique that sends a
large amount of data to overwhelm system resources?
• A) Phishing
• B) Spamming
• C) Mail bombing
• D) Bluejacking
Answer: C
8. Which computer crime forensics step requires an investigator to
duplicate and image the collected digital information?
• A) Securing evidence
• B) Acquiring data
• C) Analyzing data
Intrusion 2026–2027 | Complete Solution Guide | Verified
Questions & Correct Answers | Advanced Digital
Forensics & Cybersecurity Exam Prep
THIS EXAM CONTAINS:
• Digital forensics investigation procedures and methodologies
• Objective Assessment (OA) preparation materials and practice questions
• Exam-focused practice for first-attempt success and competency mastery
• Updated 2026–2027 cybersecurity concepts aligned with WGU C702
competencies
• Complete WGU C702 Forensics and Network Intrusion study solutions
• Verified questions and accurate answer explanations
,WGU Master’s Course C702
1. A software company suspects that employees have set up
automatic corporate email forwarding to their personal inboxes
against company policy. The company hires forensic investigators to
identify the employees violating policy, with the intention of issuing
warnings to them.
Which type of cybercrime investigation approach is this company
taking?
• A) Civil
• B) Criminal
• C) Administrative
• D) Punitive
Answer: C
2. Which model or legislation applies a holistic approach toward any
criminal activity as a criminal operation?
• A) Enterprise Theory of Investigation
• B) Racketeer Influenced and Corrupt Organizations Act
• C) Evidence Examination
• D) Law Enforcement Cyber Incident Reporting
Answer: A
3. What does a forensic investigator need to obtain before seizing a
computing device in a criminal case?
, • A) Court warrant
• B) Completed crime report
• C) Chain of custody document
• D) Plaintiff's permission
Answer: A
4. Which activity should be used to check whether an application has
ever been installed on a computer?
• A) Penetration test
• B) Risk analysis
• C) Log review
• D) Security review
Answer: C
5. Which characteristic describes an organization's forensic readiness
in the context of cybercrimes?
• A) It includes moral considerations.
• B) It includes cost considerations.
• C) It excludes nontechnical actions.
• D) It excludes technical actions.
Answer: B
, 6. A cybercrime investigator identifies a Universal Serial Bus (USB)
memory stick containing emails as a primary piece of evidence.
Who must sign the chain of custody document once the USB stick is in
evidence?
• A) Those who obtain access to the device
• B) Anyone who has ever used the device
• C) Recipients of emails on the device
• D) Authors of emails on the device
Answer: A
7. Which type of attack is a denial-of-service technique that sends a
large amount of data to overwhelm system resources?
• A) Phishing
• B) Spamming
• C) Mail bombing
• D) Bluejacking
Answer: C
8. Which computer crime forensics step requires an investigator to
duplicate and image the collected digital information?
• A) Securing evidence
• B) Acquiring data
• C) Analyzing data
