Choose the most common method of distributing malware.
a. None of the other choices
b. Drive-by downloads
c. Unapproved software
d. Ransomware
e. USB flash drives
Correct Answer: b
The incident scene should be returned to normal as soon as the investigator arrives.
A. True
B. False
Correct Answer: b
Choose the best form of anti-malware protection.
A. One-hundred-percent content filtering at all border gateways
B. Multiple solutions on each system
C. A single solution throughout the organization
D. None of the other choices
E. Anti-malware protection at several locations
Correct Answer: e
Why is port scanning considered an incident when it does no damage to the system?
A. Port scans can precede attacks that cause damage and may lead to a future attack
B. Could be normal activity mistaken as a scan
C. Uses system resources
D. Damages the port
Correct Answer: a
Which of the following is the best response after detecting and verifying an incident?
A. Remediate it
B. none of the other choices
C. Contain it
D. Report it
E. Gather evidence
Correct Answer: c
___ consists of taking the actions deemed appropriate to address the current incident.
A. Strategic
B. None of the other choices
C. Posturing
D. Tactical
Correct Answer: d
Forensic scientists use ______ evidence to reconstruct the events of a crime.
A. direct evidence
B. physical evidence
C. indirect evidence
D. class evidence
Correct Answer: b
_____ is the data present between the logical end of a file and the end of the allocation unit. It is technically allocated space (another file cannot use that area); however, slack space typically contains data that was part of the previous file or some random contents of memory, or both