WGU Master's Course C702 - Forensics and Network Intrusion With Complete Solution
A software company suspects that employees have set up automatic corporate email forwarding to their personal inboxes against company policy. The company hires forensic investigators to identify the employees violating policy, with the intention of issuing warnings to them.
Which type of cybercrime investigation approach is this company taking?
A Civil
B Criminal
C Administrative
D Punitive -CORRECT ANSWER C
Which model or legislation applies a holistic approach toward any criminal activity as a criminal operation?
A Enterprise Theory of Investigation
B Racketeer Influenced and Corrupt Organizations Act
C Evidence Examination
D Law Enforcement Cyber Incident Reporting -CORRECT ANSWER A
What does a forensic investigator need to obtain before seizing a computing device in a criminal case?
A Court warrant
B Completed crime report
C Chain of custody document
D Plaintiff's permission -CORRECT ANSWER A
Which activity should be used to check whether an application has ever been installed on a computer?
A Penetration test
B Risk analysis
C Log review
D Security review -CORRECT ANSWER C
Which characteristic describes an organization's forensic readiness in the context of cybercrimes?
A It includes moral considerations.
B It includes cost considerations.
C It excludes nontechnical actions.
D It excludes technical actions. -CORRECT ANSWER B
A cybercrime investigator identifies a Universal Serial Bus (USB) memory stick containing emails as a primary piece of evidence.
Who must sign the chain of custody document once the USB stick is in evidence?
A Those who obtain access to the device
B Anyone who has ever used the device
C Recipients of emails on the device
D Authors of emails on the device -CORRECT ANSWER A
Which type of attack is a denial-of-service technique that sends a large amount of data to overwhelm system resources?
A Phishing
B Spamming
C Mail bombing
D Bluejacking -CORRECT ANSWER C
Which computer crime forensics step requires an investigator to duplicate and image the collected digital information?
A Securing evidence
B Acquiring data
C Analyzing data
D Assessing evidence -CORRECT ANSWER B
What is the last step of a criminal investigation that requires the involvement of a computer forensic investigator?
A Analyzing the data collected
B Testifying in court
C Assessing the evidence
D Performing search and seizure -CORRECT ANSWER B
How can a forensic investigator verify an Android mobile device is on, without potentially changing the original evidence or interacting with the operating system?
A Check to see if it is plugged into a computer
B Tap the screen multiple times
C Look for flashing lights
D Hold down the power button -CORRECT ANSWER C
What should a forensic investigator use to protect a mobile device if a Faraday bag is not available?
A Aluminum foil
B Sturdy container
C Cardboard box
D Bubble wrap -CORRECT ANSWER A
Which criterion determines whether a technology used by government to obtain information in a computer search is considered innovative and requires a search warrant?
A Availability to the general public
B Dependency on third-party software
C Implementation based on open source software
D Use of cloud-based machine learning -CORRECT ANSWER A
Which situation allows a law enforcement officer to seize a hard drive from a residence without obtaining a search warrant?
A The computer is left unattended.
B The front door is wide open.
C The occupant is acting suspicious.
D The evidence is in imminent danger. -CORRECT ANSWER D
Which legal document contains a summary of findings and is used to prosecute?
A Investigation report
B Search warrant
C Search and seizure
D Chain of custody -CORRECT ANSWER A
What should an investigator use to prevent any signals from reaching a mobile phone?
A Faraday bag
B Dry bag
C Anti-static container
D Lock box -CORRECT ANSWER A
A forensic investigator is called to the stand as a technical witness in an internet payment fraud case.
Which behavior is considered ethical by this investigator while testifying?
A Providing and explaining facts found during the investigation
B Interpreting the findings and offering a clear opinion to the jury
C Helping the jury arrive at a conclusion based on the facts
D Assisting the attorney in compiling a list of essential questions -CORRECT ANSWER A
A government agent is testifying in a case involving malware on a system.
What should this agent have complied with during search and seizure?
A Fourth Amendment
B Stored Communications Act
C Net Neutrality Bill
D Federal Rules of Evidence -CORRECT ANSWER A
Which path should a forensic investigator use to look for system logs in a Mac?
A /var/log/cups/access_log
B /var/log/
C /var/audit/
D /var/log/install.log -CORRECT ANSWER B
Which tool should a forensic investigator use to view information from Linux kernel ring buffers?
A arp
B dmesg
C fsck
D grep -CORRECT ANSWER B
A forensic investigator makes a bit-stream copy of a Windows hard drive that has been reformatted. The investigator needs to locate only the Adobe PDF files on the hard drive.
Which tool should this investigator use?
A Quick Recovery
B Handy Recovery
C EaseUS Data Recovery
D Stellar Data Recovery -CORRECT ANSWER C
Which hexadecimal value should an investigator search for to find JPEG images on a device?
A 0x424D
B 0xD0CF11E0A1B11AE1