INTRUSION CERTIFICATION EVALUATION
TEST BANK WITH SOLVED QUESTIONS AND
FULL SOLUTION GUARANTEED PASS
●● Cyber Crime
Answer: Any illegal act involving a computing device, network, its
systems, or its applications. Both internal and external
●● Enterprise Theory of Investigation (ETI)
Answer: Methodology for investigating criminal activity
●● Types of Cyber Crime
Answer: Civil, Criminal, Administrative
●● Civil Cases
Answer: Involve disputes between two parties. Brought for violation of
contracts and lawsuits where a guilty outcome generally results in
monetary damages to the plaintiff
●● Criminal Cases
Answer: Brought by law enforcement agencies in response to a
suspected violation of law where a guilty outcome results in monetary
damages, imprisonment, or both
●● Administrative Cases
Answer: An internal investigation by an organization to discover if its
employees/clients/partners are abiding by the rules or policies (Violation
of company policies). Non-criminal in nature and are related to
misconduct or activities of an employee
●● Rules of Forensic Investigation
Answer: Safeguard the integrity of the evidence and render it acceptable
in a court of law. The forensic examiner must make duplicate copies of
the original evidence. The duplicate copies must be accurate replications
of the originals, and the forensic examiner must also authenticate the
duplicate copies to avoid questions about the integrity of the evidence.
Must not continue with the investigation if the examination is going to
be beyond his or her knowledge level or skill level.
●● Cyber Crime Investigation Methodology/Steps
Answer: 1. Identify the computer crime
2. Collect preliminary evidence
3. Obtain court warrant for discovery/seizure of evidence
4. Perform first responder procedures
5. Seize evidence at the crime scene
6. Transport evidence to lab
7. Create two bitstream copies of the evidence
8. Generate MD5 checksum of the images
9. Maintain chain of custody
10. Store original evidence in secure location
11. Analyze the image copy for evidence
12. Prepare a forensic report
13. Submit a report to client
14. Testify in court as an expert witness
●● Locard's Exchange Principle
Answer: Anyone or anything entering a crime scene takes something of
the scene with them and leaves something of themselves behind when
they leave.
●● Types of Digital Data
Answer: Volatile Data
Non-volatile Data
●● Volatile Data
Answer: Temporary information on a device that requires a constant
power supply and is deleted if the power supply is interrupted
●● Non-Volatile Data
Answer: Secondary storage of data. Long-term, persistent data.
Permanent data stored on secondary storage devices, such as hard disks
and memory cards.
●● Characteristics of Digital Evidence
Answer: 1. Be Relevant
2. Be probative
3. Be authentic
4. Be accurate
5. Be complete
6. Be convincing
7. Be admissible
●● Admissible evidence
Answer: Evidence that can be legally and properly introduced in a civil
or criminal trial.
Evidence is relevant to the case
●● Authentic Evidence
Answer: Evidence that is in its original or genuine state.
Investigators must provide supporting documents regarding the
authenticity, accuracy, and integrity of the evidence
●● Complete Evidence
Answer: Evidence must either prove or disprove the fact
●● Reliable Evidence
Answer: Evidence that possesses a sufficient degree of likelihood that it
is true and accurate