WGU C702 Full
Which of the following is not an objective of computer forensics?
A. Computer forensics deals with the process of finding evidence related to a digital crime to find the
victims and prevent legal action against them.
B. Computer forensics deals with the process of finding evidence related to a crime to find the culprits
and initiate legal action against them.
C. Computer forensics deals with the process of finding evidence related to a digital crime to find the
culprits and initiate legal action against them.
D. Computer forensics deals with the process of finding evidence related to a digital crime to find the
culprits and avoid legal action against them. Correct Answer: C
Which of the following is not an objective of computer forensics?
A. Track and prosecute the perpetrators in a court of law.
B. Identify, gather, and preserve the evidence of a cybercrime.
C. Interpret, document, and present the evidence to be admissible during prosecution.
D. Document vulnerabilities allowing further loss of intellectual property, finances, and reputation
during an attack. Correct Answer: D
Which of the following is true regarding the enterprise theory of investigation (ETI) ?
A. It adopts a holistic approach toward any criminal activity as a criminal operation rather than as a
single criminal act.
B. It adopts an approach toward criminal activity as a criminal act.
C. It differs from traditional investigative methods, and it is less complex and less time-consuming.
D. It encourages reactive action on the structure of the criminal enterprise. Correct Answer: A
Forensic readiness referrers to:
A. having no impact on prospects of successful legal action
B. replacing the need to meet all regulatory requirements
C. the establishment of specific incident response procedures and designated trained personnel to
prevent a breach
D. an organization's ability to make optimal use of digital evidence in a limited time period and with
minimal investigation costs Correct Answer: D
Which of the following is not an element of cybercrime?
A. anonymity through masquerading
B. fast-paced speed
C. volatile evidence
D. evidence smaller in size Correct Answer: D
Which of the following is true of cyber crimes?
,A. Investigators, with a warrant, have the authority to forcibly seize the computing devices.
B. Investigators attempt to demonstrate information to the opposite party to support the claims and
induce settlement.
C. The searching of the devices is based on mutual understanding and provides a wider time frame to
hide the evidence.
D. The claimant is responsible for the collection and analysis of the evidence. Correct Answer: A
Which of the following is true of civil crimes?
A. The initial reporting of the evidence is generally informal.
B. A formal investigation report is required.
C. Law enforcement agencies are responsible for collecting and analyzing evidence.
D. The standards of proof need to be very high. Correct Answer: A
Which of the following is not a consideration during a cybercrimes investigation?
A. collection of clues and forensic evidence
B. analysis of digital evidence
C. presentation of admissible evidence
D. value or cost to the victim Correct Answer: D
Which of the following is a user-created source of potential evidence?
A. address book
B. printer spool
C. cookies
D. log files Correct Answer: A
Which of the following is a computer-created source of potential evidence?
A. bookmarks
B. spreadsheet
C. swap file
D. steganography Correct Answer: C
Which of the following is not where potential evidence may be located?
A. digital camera
B. smart card
C. processor
D. thumb drive Correct Answer: C
Under which of the following conditions will duplicate evidence not suffice?
A. when original evidence is destroyed in the normal course of business
B. when original evidence is in possession of the originator
C. when original evidence is in possession of a third party
,D. when original evidence is destroyed due to fire or flood Correct Answer: B
Which of the following Federal Rules of Evidence governs proceedings in the courts of the United
States?
A. Rule 105
B. Rule 103
C. Rule 101
D. Rule 102 Correct Answer: C
Which of the following Federal Rules of Evidence ensures that the truth may be ascertained and the
proceedings justly determined?
A. Rule 105
B. Rule 102
C. Rule 101
D. Rule 103 Correct Answer: B
Which of the following Federal Rules of Evidence contains Rulings on Evidence?
A. Rule 103
B. Rule 105
C. Rule 102
D. Rule 101 Correct Answer: A
Which of the following Federal Rules of Evidence states that the court shall restrict the evidence to its
proper scope and instruct the jury accordingly?
A. Rule 102
B. Rule 103
C. Rule 101
D. Rule 105 Correct Answer: D
Which of the following answers refers to a set of methodological procedures and techniques to identify,
gather, preserve, extract, interpret, document, and present evidence from computing equipment in such
a manner that the discovered evidence is acceptable during a legal and/or administrative proceeding in
a court of law?
A. disaster recovery
B. incident handling
C. computer forensics
D. network analysis Correct Answer: C
Computer forensics deals with the process of finding _______ related to digital crime to find the culprits
and initiate legal action against them.
A. insider threats
B. evidence
, C. fraud
D. malware Correct Answer: B
Minimizing the tangible and intangible losses to the organization or an individual is considered an
essential computer forensics use.
A. True
B. False Correct Answer: A
Cybercrimes can be classified into the following two types of attacks, based on the line of attack.
A. Fraud and Spam
B. Phishing and Malware
C. Internal and External Correct Answer: C
Espionage, theft of intellectual property, manipulation of records, and Trojan horse attacks are examples
of what?
A. insider attacks or secondary threats
B. insider attacks or primary threats
C. outsider attacks or secondary threats
D. outsider attacks or primary threats Correct Answer: B
External attacks occur when there are inadequate information-security policies and procedures.
A. True
B. False Correct Answer: A
Which type of cases involve disputes between two parties?
A. civil
B. investigative
C. administrative
D. criminal Correct Answer: A
A computer forensic examiner can investigate any crime as long as he or she takes detailed notes and
follows appropriate processes.
A. True
B. False Correct Answer: B
_______ is the standard investigative model used by the FBI when conducting investigations against
major criminal organizations.
A. Enterprise Theory of Investigation (ETI)
B. Both Enterprise Theory of Investigation (ETI) and Entrepreneur Theory of Investigation
C. Entrepreneur Theory of Investigation Correct Answer: A
Which of the following is not an objective of computer forensics?
A. Computer forensics deals with the process of finding evidence related to a digital crime to find the
victims and prevent legal action against them.
B. Computer forensics deals with the process of finding evidence related to a crime to find the culprits
and initiate legal action against them.
C. Computer forensics deals with the process of finding evidence related to a digital crime to find the
culprits and initiate legal action against them.
D. Computer forensics deals with the process of finding evidence related to a digital crime to find the
culprits and avoid legal action against them. Correct Answer: C
Which of the following is not an objective of computer forensics?
A. Track and prosecute the perpetrators in a court of law.
B. Identify, gather, and preserve the evidence of a cybercrime.
C. Interpret, document, and present the evidence to be admissible during prosecution.
D. Document vulnerabilities allowing further loss of intellectual property, finances, and reputation
during an attack. Correct Answer: D
Which of the following is true regarding the enterprise theory of investigation (ETI) ?
A. It adopts a holistic approach toward any criminal activity as a criminal operation rather than as a
single criminal act.
B. It adopts an approach toward criminal activity as a criminal act.
C. It differs from traditional investigative methods, and it is less complex and less time-consuming.
D. It encourages reactive action on the structure of the criminal enterprise. Correct Answer: A
Forensic readiness referrers to:
A. having no impact on prospects of successful legal action
B. replacing the need to meet all regulatory requirements
C. the establishment of specific incident response procedures and designated trained personnel to
prevent a breach
D. an organization's ability to make optimal use of digital evidence in a limited time period and with
minimal investigation costs Correct Answer: D
Which of the following is not an element of cybercrime?
A. anonymity through masquerading
B. fast-paced speed
C. volatile evidence
D. evidence smaller in size Correct Answer: D
Which of the following is true of cyber crimes?
,A. Investigators, with a warrant, have the authority to forcibly seize the computing devices.
B. Investigators attempt to demonstrate information to the opposite party to support the claims and
induce settlement.
C. The searching of the devices is based on mutual understanding and provides a wider time frame to
hide the evidence.
D. The claimant is responsible for the collection and analysis of the evidence. Correct Answer: A
Which of the following is true of civil crimes?
A. The initial reporting of the evidence is generally informal.
B. A formal investigation report is required.
C. Law enforcement agencies are responsible for collecting and analyzing evidence.
D. The standards of proof need to be very high. Correct Answer: A
Which of the following is not a consideration during a cybercrimes investigation?
A. collection of clues and forensic evidence
B. analysis of digital evidence
C. presentation of admissible evidence
D. value or cost to the victim Correct Answer: D
Which of the following is a user-created source of potential evidence?
A. address book
B. printer spool
C. cookies
D. log files Correct Answer: A
Which of the following is a computer-created source of potential evidence?
A. bookmarks
B. spreadsheet
C. swap file
D. steganography Correct Answer: C
Which of the following is not where potential evidence may be located?
A. digital camera
B. smart card
C. processor
D. thumb drive Correct Answer: C
Under which of the following conditions will duplicate evidence not suffice?
A. when original evidence is destroyed in the normal course of business
B. when original evidence is in possession of the originator
C. when original evidence is in possession of a third party
,D. when original evidence is destroyed due to fire or flood Correct Answer: B
Which of the following Federal Rules of Evidence governs proceedings in the courts of the United
States?
A. Rule 105
B. Rule 103
C. Rule 101
D. Rule 102 Correct Answer: C
Which of the following Federal Rules of Evidence ensures that the truth may be ascertained and the
proceedings justly determined?
A. Rule 105
B. Rule 102
C. Rule 101
D. Rule 103 Correct Answer: B
Which of the following Federal Rules of Evidence contains Rulings on Evidence?
A. Rule 103
B. Rule 105
C. Rule 102
D. Rule 101 Correct Answer: A
Which of the following Federal Rules of Evidence states that the court shall restrict the evidence to its
proper scope and instruct the jury accordingly?
A. Rule 102
B. Rule 103
C. Rule 101
D. Rule 105 Correct Answer: D
Which of the following answers refers to a set of methodological procedures and techniques to identify,
gather, preserve, extract, interpret, document, and present evidence from computing equipment in such
a manner that the discovered evidence is acceptable during a legal and/or administrative proceeding in
a court of law?
A. disaster recovery
B. incident handling
C. computer forensics
D. network analysis Correct Answer: C
Computer forensics deals with the process of finding _______ related to digital crime to find the culprits
and initiate legal action against them.
A. insider threats
B. evidence
, C. fraud
D. malware Correct Answer: B
Minimizing the tangible and intangible losses to the organization or an individual is considered an
essential computer forensics use.
A. True
B. False Correct Answer: A
Cybercrimes can be classified into the following two types of attacks, based on the line of attack.
A. Fraud and Spam
B. Phishing and Malware
C. Internal and External Correct Answer: C
Espionage, theft of intellectual property, manipulation of records, and Trojan horse attacks are examples
of what?
A. insider attacks or secondary threats
B. insider attacks or primary threats
C. outsider attacks or secondary threats
D. outsider attacks or primary threats Correct Answer: B
External attacks occur when there are inadequate information-security policies and procedures.
A. True
B. False Correct Answer: A
Which type of cases involve disputes between two parties?
A. civil
B. investigative
C. administrative
D. criminal Correct Answer: A
A computer forensic examiner can investigate any crime as long as he or she takes detailed notes and
follows appropriate processes.
A. True
B. False Correct Answer: B
_______ is the standard investigative model used by the FBI when conducting investigations against
major criminal organizations.
A. Enterprise Theory of Investigation (ETI)
B. Both Enterprise Theory of Investigation (ETI) and Entrepreneur Theory of Investigation
C. Entrepreneur Theory of Investigation Correct Answer: A
