WGU C840 - Digital Forensics in Cybersecurityz z z z z z
Questions & Answers 2022/2023 z z z
1. The chief information officer of an accounting firm believes sensitive datais
z z z z z z z z z z z z
being exposed on the local network. Which tool should the IT staff use togathe
z z z z z z z z z z z z z z
r digital evidence about this security vulnerability?
z z z z z z
A Sniffer
z
B Disk analyzer
z z z
C Tracer
z
D Virus scanner>>>>A
z z
2. A police detective investigating a threat traces the source to a house.Theco
z z z z z z z z z z z z z
uple at the house shows the detective the only computer the family owns,whic
z z z z z z z z z z z z z
h is in their son's bedroom.The couple states that their son is presentlyin class
z z z z z z z z z z z z z z z z
at a local middle school.
z z z z
How should the detective legally gain access to the computer?A
z z z z z z z z z z z
Obtain a search warrant from the police
z z z z z z
B Seize the computer under the USA Patriot Act
z z z z z z z z
C Obtain consent to search from the parents
z z z z z z z
D Seize the computer under the Computer Security Act>>>>C
z z z z z z z z
3. How should a forensic scientist obtain the network configuration from aWi
z z z z z z z z z z z
ndows PC before seizing it from a crime scene?
z z z z z z z z
1z/z77
,A By using the ipconfig command from a command prompt on the computerB
z z z z z z z z z z z z z z
By using the tracert command from a command prompt on the computerC By
z z z z z z z z z z z z z z
logging into the router to which the PC is connected
z z z z z z z z z
D By installing a network packet sniffer on the computer>>>>A
z z z z z z z z z
4. The human resources manager of a small accounting firm believes he mayha
z z z z z z z z z z z z
ve been a victim of a phishing scam. The manager clicked on a link in anemail
z z z z z z z z z z z z z z z z z
message that asked him to verify the logon credentials for the firm's online ba
z z z z z z z z z z z z z
nk account.
z
Which digital evidence should a forensic investigator collect to investigateth
z z z z z z z z z z
is incident?
z
A System log
z z z
B Security log
z z z
C Disk cache
z z
D Browser cache>>>>D
z z
2z/z77
,5. After a company's single- z z z
purpose, dedicated messaging server is hackedby a cybercriminal, a forensic
z z z z z z z z z z
s expert is hired to investigate the crime and collect evidence.
z z z z z z z z z z
Which digital evidence should be collected?
z z z z z z
A Web server logs
z z z
B Firewall logs
z z
C Phishing emails
z z
D Spam messages>>>>B
z z
6. Thomas received an email stating that he needed to follow a link and verifyhis
z z z z z z z z z z z z z z z
bank account information to ensure it was secure. Shortly after followingthe in
z z z z z z z z z z z z
structions,Thomas noticed money was missing from his account.
z z z z z z z z
Which digital evidence should be considered to determine how Thomas'accou
z z z z z z z z z z
nt information was compromised?
z z z
A Social media accounts
z z z z
B Router logs
z z
C Flash drive contents
z z z z
D Email messages>>>
z z
>D
7. The chief executive officer (CEO) of a small computer company has iden-
z z z z z z z z z z z
tified a potential hacking attack from an outside competitor.
z z z z z z z z z
Which type of evidence should a forensics investigator use to identify theso
z z z z z z z z z z z z
urce of the hack?
z z z
3z/z77
, A Disk drive backups
z z z
B Network transaction logs
z z z z
C Browser history
z z
D Email headers>>>>B
z z
8. A forensic scientist arrives at a crime scene to begin collecting evidence.
z z z z z z z z z z z
What is the first thing the forensic scientist should do?A T
z z z z z z z z z z z
urn off the power to the entire area being examined
z z z z z z z z z
B Unplug all network connections so data cannot be deleted remotely
z z z z z z z z z z
4z/z77
Questions & Answers 2022/2023 z z z
1. The chief information officer of an accounting firm believes sensitive datais
z z z z z z z z z z z z
being exposed on the local network. Which tool should the IT staff use togathe
z z z z z z z z z z z z z z
r digital evidence about this security vulnerability?
z z z z z z
A Sniffer
z
B Disk analyzer
z z z
C Tracer
z
D Virus scanner>>>>A
z z
2. A police detective investigating a threat traces the source to a house.Theco
z z z z z z z z z z z z z
uple at the house shows the detective the only computer the family owns,whic
z z z z z z z z z z z z z
h is in their son's bedroom.The couple states that their son is presentlyin class
z z z z z z z z z z z z z z z z
at a local middle school.
z z z z
How should the detective legally gain access to the computer?A
z z z z z z z z z z z
Obtain a search warrant from the police
z z z z z z
B Seize the computer under the USA Patriot Act
z z z z z z z z
C Obtain consent to search from the parents
z z z z z z z
D Seize the computer under the Computer Security Act>>>>C
z z z z z z z z
3. How should a forensic scientist obtain the network configuration from aWi
z z z z z z z z z z z
ndows PC before seizing it from a crime scene?
z z z z z z z z
1z/z77
,A By using the ipconfig command from a command prompt on the computerB
z z z z z z z z z z z z z z
By using the tracert command from a command prompt on the computerC By
z z z z z z z z z z z z z z
logging into the router to which the PC is connected
z z z z z z z z z
D By installing a network packet sniffer on the computer>>>>A
z z z z z z z z z
4. The human resources manager of a small accounting firm believes he mayha
z z z z z z z z z z z z
ve been a victim of a phishing scam. The manager clicked on a link in anemail
z z z z z z z z z z z z z z z z z
message that asked him to verify the logon credentials for the firm's online ba
z z z z z z z z z z z z z
nk account.
z
Which digital evidence should a forensic investigator collect to investigateth
z z z z z z z z z z
is incident?
z
A System log
z z z
B Security log
z z z
C Disk cache
z z
D Browser cache>>>>D
z z
2z/z77
,5. After a company's single- z z z
purpose, dedicated messaging server is hackedby a cybercriminal, a forensic
z z z z z z z z z z
s expert is hired to investigate the crime and collect evidence.
z z z z z z z z z z
Which digital evidence should be collected?
z z z z z z
A Web server logs
z z z
B Firewall logs
z z
C Phishing emails
z z
D Spam messages>>>>B
z z
6. Thomas received an email stating that he needed to follow a link and verifyhis
z z z z z z z z z z z z z z z
bank account information to ensure it was secure. Shortly after followingthe in
z z z z z z z z z z z z
structions,Thomas noticed money was missing from his account.
z z z z z z z z
Which digital evidence should be considered to determine how Thomas'accou
z z z z z z z z z z
nt information was compromised?
z z z
A Social media accounts
z z z z
B Router logs
z z
C Flash drive contents
z z z z
D Email messages>>>
z z
>D
7. The chief executive officer (CEO) of a small computer company has iden-
z z z z z z z z z z z
tified a potential hacking attack from an outside competitor.
z z z z z z z z z
Which type of evidence should a forensics investigator use to identify theso
z z z z z z z z z z z z
urce of the hack?
z z z
3z/z77
, A Disk drive backups
z z z
B Network transaction logs
z z z z
C Browser history
z z
D Email headers>>>>B
z z
8. A forensic scientist arrives at a crime scene to begin collecting evidence.
z z z z z z z z z z z
What is the first thing the forensic scientist should do?A T
z z z z z z z z z z z
urn off the power to the entire area being examined
z z z z z z z z z
B Unplug all network connections so data cannot be deleted remotely
z z z z z z z z z z
4z/z77
