WGU Master's Course C702 - Forensics and Network Intrusion With Complete Solution
A software company suspects that employees have set up automatic corporate email forwarding to their personal inboxes against company policy. The company hires forensic investigators to identify the employees violating policy, with the intention of issuing warnings to them.
Which type of cybercrime investigation approach is this company taking?
A Civil
B Criminal
C Administrative
D Punitive -CORRECT ANSWER C
Which model or legislation applies a holistic approach toward any criminal activity as a criminal operation?
A Enterprise Theory of Investigation
B Racketeer Influenced and Corrupt Organizations Act
C Evidence Examination
D Law Enforcement Cyber Incident Reporting -CORRECT ANSWER A
What does a forensic investigator need to obtain before seizing a computing device in a criminal case?
A Court warrant
B Completed crime report
C Chain of custody document
D Plaintiff's permission -CORRECT ANSWER A
Which activity should be used to check whether an application has ever been installed on a computer?
A Penetration test
B Risk analysis
C Log review
D Security review -CORRECT ANSWER C
Which characteristic describes an organization's forensic readiness in the context of cybercrimes?
A It includes moral considerations.
B It includes cost considerations.
C It excludes nontechnical actions.
D It excludes technical actions. -CORRECT ANSWER B
A cybercrime investigator identifies a Universal Serial Bus (USB) memory stick containing emails as a primary piece of evidence.
Who must sign the chain of custody document once the USB stick is in evidence?
A Those who obtain access to the device
B Anyone who has ever used the device
C Recipients of emails on the device
D Authors of emails on the device -CORRECT ANSWER A
Which type of attack is a denial-of-service technique that sends a large amount of data to overwhelm system resources?
A Phishing
B Spamming
C Mail bombing
D Bluejacking -CORRECT ANSWER C
Which computer crime forensics step requires an investigator to duplicate and image the collected digital information?
A Securing evidence
B Acquiring data
C Analyzing data
D Assessing evidence -CORRECT ANSWER B
What is the last step of a criminal investigation that requires the involvement of a computer forensic investigator?
A Analyzing the data collected
B Testifying in court
C Assessing the evidence
D Performing search and seizure -CORRECT ANSWER B
How can a forensic investigator verify an Android mobile device is on, without potentially changing the original evidence or interacting with the operating system?
A Check to see if it is plugged into a computer
B Tap the screen multiple times
C Look for flashing lights
D Hold down the power button -CORRECT ANSWER C
What should a forensic investigator use to protect a mobile device if a Faraday bag is not available?
A Aluminum foil
B Sturdy container
C Cardboard box
D Bubble wrap -CORRECT ANSWER A
Which criterion determines whether a technology used by government to obtain information in a computer search is considered innovative and requires a search warrant?
A Availability to the general public
B Dependency on third-party software
C Implementation based on open source software
D Use of cloud-based machine learning -CORRECT ANSWER A
Which situation allows a law enforcement officer to seize a hard drive from a residence without obtaining a search warrant?
A The computer is left unattended.
B The front door is wide open.
C The occupant is acting suspicious.
D The evidence is in imminent danger. -CORRECT ANSWER D
Which legal document contains a summary of findings and is used to prosecute?
A Investigation report
B Search warrant
C Search and seizure
D Chain of custody -CORRECT ANSWER A
What should an investigator use to prevent any signals from reaching a mobile phone?
A Faraday bag
B Dry bag
C Anti-static container
D Lock box -CORRECT ANSWER A
A forensic investigator is called to the stand as a technical witness in an internet payment fraud case.
Which behavior is considered ethical by this investigator while testifying?
A Providing and explaining facts found during the investigation
B Interpreting the findings and offering a clear opinion to the jury
C Helping the jury arrive at a conclusion based on the facts
D Assisting the attorney in compiling a list of essential questions -CORRECT ANSWER A
A government agent is testifying in a case involving malware on a system.
What should this agent have complied with during search and seizure?
A Fourth Amendment
B Stored Communications Act
C Net Neutrality Bill
D Federal Rules of Evidence -CORRECT ANSWER A
Which path should a forensic investigator use to look for system logs in a Mac?
A /var/log/cups/access_log
B /var/log/
C /var/audit/
D /var/log/install.log -CORRECT ANSWER B
Which tool should a forensic investigator use to view information from Linux kernel ring buffers?
A arp
B dmesg
C fsck
D grep -CORRECT ANSWER B
A forensic investigator makes a bit-stream copy of a Windows hard drive that has been reformatted. The investigator needs to locate only the Adobe PDF files on the hard drive.
Which tool should this investigator use?
A Quick Recovery
B Handy Recovery
C EaseUS Data Recovery
D Stellar Data Recovery -CORRECT ANSWER C
Which hexadecimal value should an investigator search for to find JPEG images on a device?
A 0x424D
B 0xD0CF11E0A1B11AE1