WGU Course C840 - Digital Forensics in Cybersecurity ALL CORRECT
Malware forensics is also known as internet forensics.
A True
B False Correct Answer: B
The Privacy Protection Act (PPA) of 1980 protects journalists from being required to turn over to law
enforcement any work product or documentary material, including sources, before it is disseminated to
the public.
A True
B False Correct Answer: A
The term testimonial evidence refers to the process of examining malicious computer code.
A True
B False Correct Answer: B
Evidence need not be locked if it is at a police station.
A True
B False Correct Answer: B
Real evidence means physical objects that can be touched, held, or directly observed, such as a laptop
with a suspect's fingerprints on it, or a handwritten note.
A True
B False Correct Answer: A
The FBI is the premier federal agency tasked with combating cybercrime.
A True
B False Correct Answer: B
When cataloging digital evidence, the primary goal is to do what?
A Make bitstream images of all hard drives.
B Keep the computer from being turned off.
C Keep evidence from being removed from the scene.
D Preserve evidence integrity. Correct Answer: D
Your roommate can give consent to search your computer.
A True
B False Correct Answer: B
, The Windows Registry is essentially a repository of all settings, software, and parameters for Windows.
A True
B False Correct Answer: A
The term internet forensics refers to information that forensic specialists use to support or interpret real
or documentary evidence; for example, to demonstrate that the fingerprints found on a keyboard are
those of a specific individual.
A True
B False Correct Answer: B
PROM can be programmed only once. Data is not lost when power is removed.
A True
B False Correct Answer: A
In a computer forensics investigation, ________ describes the route that evidence takes from the time
you find it until the case is closed or goes to court.
A Policy of separation
B Rules of evidence
C Law of probability
D Chain of custody Correct Answer: D
The objective in computer forensics is to recover, analyze, and present computer-based material in such
a way that it can be used as evidence in a court of law.
A True
B False Correct Answer: A
Demonstrative evidence means information that helps explain other evidence. An example of
demonstrative evidence is a chart that explains a technical concept to the judge and jury.
A True
B False Correct Answer: A
Which of the following are important to the investigator regarding logging?
A Location of stored logs
B Log retention
C The logging methods
D All of these Correct Answer: D
A sector is the basic unit of data storage on a hard disk, which is usually 64 KB.
A True
Malware forensics is also known as internet forensics.
A True
B False Correct Answer: B
The Privacy Protection Act (PPA) of 1980 protects journalists from being required to turn over to law
enforcement any work product or documentary material, including sources, before it is disseminated to
the public.
A True
B False Correct Answer: A
The term testimonial evidence refers to the process of examining malicious computer code.
A True
B False Correct Answer: B
Evidence need not be locked if it is at a police station.
A True
B False Correct Answer: B
Real evidence means physical objects that can be touched, held, or directly observed, such as a laptop
with a suspect's fingerprints on it, or a handwritten note.
A True
B False Correct Answer: A
The FBI is the premier federal agency tasked with combating cybercrime.
A True
B False Correct Answer: B
When cataloging digital evidence, the primary goal is to do what?
A Make bitstream images of all hard drives.
B Keep the computer from being turned off.
C Keep evidence from being removed from the scene.
D Preserve evidence integrity. Correct Answer: D
Your roommate can give consent to search your computer.
A True
B False Correct Answer: B
, The Windows Registry is essentially a repository of all settings, software, and parameters for Windows.
A True
B False Correct Answer: A
The term internet forensics refers to information that forensic specialists use to support or interpret real
or documentary evidence; for example, to demonstrate that the fingerprints found on a keyboard are
those of a specific individual.
A True
B False Correct Answer: B
PROM can be programmed only once. Data is not lost when power is removed.
A True
B False Correct Answer: A
In a computer forensics investigation, ________ describes the route that evidence takes from the time
you find it until the case is closed or goes to court.
A Policy of separation
B Rules of evidence
C Law of probability
D Chain of custody Correct Answer: D
The objective in computer forensics is to recover, analyze, and present computer-based material in such
a way that it can be used as evidence in a court of law.
A True
B False Correct Answer: A
Demonstrative evidence means information that helps explain other evidence. An example of
demonstrative evidence is a chart that explains a technical concept to the judge and jury.
A True
B False Correct Answer: A
Which of the following are important to the investigator regarding logging?
A Location of stored logs
B Log retention
C The logging methods
D All of these Correct Answer: D
A sector is the basic unit of data storage on a hard disk, which is usually 64 KB.
A True
