WGU C840 Digital Forensics 143 Questions with
Verified Answers
SATA - CORRECT ANSWER The most common computer hard drives today are
__________.
ping - CORRECT ANSWER A __________ is used to send a test packet, or echo
packet, to a machine to determine if the machine is reachable and how long the
packet takes to reach the machine.
data fabrication - CORRECT ANSWER Suspects often overwhelm forensic analysts
with false positives and false leads. This is referred to as__________.
The Daubert Standard dictates that only methods and tools widely accepted in the
scientific community can be used in court. - CORRECT ANSWER Which of the
following is the definition of the Daubert Standard?
Privacy Protection Act of 1980 - CORRECT ANSWER The __________ protects
journalists from being required to turn over to law enforcement any work product
and documentary material, including sources, before it is disseminated to the
public.
80% - CORRECT ANSWER It has been claimed that __________ of all computers
connected to the Internet have spyware.
,DoS attacks - CORRECT ANSWER __________ is/are the cyber-equivalent of
vandalism.
malware that executes damage when a specific condition is met - CORRECT
ANSWER Which of the following is the definition of logic bomb?
rules that govern whether, when, how, and why proof of a legal case can be placed
before a judge or jury - CORRECT ANSWER Rules of evidence can be defined as
__________.
bit-level - CORRECT ANSWER Use of __________ tools enables an investigator to
reconstruct file fragments if files have been deleted or overwritten.
the DFRWS framework - CORRECT ANSWER Identification, preservation, collection,
examination, analysis, and presentation are six classes in the matrix of
__________.
the unused space between the logical end of file and the physical end of file -
CORRECT ANSWER What is meant by file slack?
digital evidence - CORRECT ANSWER Information that has been processed and
assembled so that it is relevant to an investigation and supports a specific finding
or determination is the definition of __________.
BackTrack - CORRECT ANSWER __________ is a Linux Live CD that you use to boot
a system and then use the tools. It is a free Linux distribution, making it extremely
attractive to schools teaching forensics or laboratories on a strict budget.
, temporary data - CORRECT ANSWER What name is given to data that an operating
system creates and overwrites without the computer user taking a direct action to
save this data?
Physical analysis - CORRECT ANSWER __________ is offline analysis conducted on
an evidence disk or forensic duplicate after booting from a CD or another system.
host protected area - CORRECT ANSWER What was designed as an area where
computer vendors could store data that is shielded from user activities and
operating system utilities, such as delete and format?
4.7 - CORRECT ANSWER A one-sided DVD (or digital video disc) can hold
__________ gigabytes.
RAID 3 or 4 - CORRECT ANSWER What version of RAID are the following
descriptors? Striped disks with dedicated parity combine three or more disks in a
way that protects data against loss of any one disk. Fault tolerance is achieved by
adding an extra disk to the array and dedicating it to storing parity information.
The storage capacity of the array is reduced by one disk.
steganography - CORRECT ANSWER The art and science of writing hidden
messages is the definition of what?
RSA - CORRECT ANSWER __________ is perhaps the most widely used public key
cryptography algorithm in existence today.
Verified Answers
SATA - CORRECT ANSWER The most common computer hard drives today are
__________.
ping - CORRECT ANSWER A __________ is used to send a test packet, or echo
packet, to a machine to determine if the machine is reachable and how long the
packet takes to reach the machine.
data fabrication - CORRECT ANSWER Suspects often overwhelm forensic analysts
with false positives and false leads. This is referred to as__________.
The Daubert Standard dictates that only methods and tools widely accepted in the
scientific community can be used in court. - CORRECT ANSWER Which of the
following is the definition of the Daubert Standard?
Privacy Protection Act of 1980 - CORRECT ANSWER The __________ protects
journalists from being required to turn over to law enforcement any work product
and documentary material, including sources, before it is disseminated to the
public.
80% - CORRECT ANSWER It has been claimed that __________ of all computers
connected to the Internet have spyware.
,DoS attacks - CORRECT ANSWER __________ is/are the cyber-equivalent of
vandalism.
malware that executes damage when a specific condition is met - CORRECT
ANSWER Which of the following is the definition of logic bomb?
rules that govern whether, when, how, and why proof of a legal case can be placed
before a judge or jury - CORRECT ANSWER Rules of evidence can be defined as
__________.
bit-level - CORRECT ANSWER Use of __________ tools enables an investigator to
reconstruct file fragments if files have been deleted or overwritten.
the DFRWS framework - CORRECT ANSWER Identification, preservation, collection,
examination, analysis, and presentation are six classes in the matrix of
__________.
the unused space between the logical end of file and the physical end of file -
CORRECT ANSWER What is meant by file slack?
digital evidence - CORRECT ANSWER Information that has been processed and
assembled so that it is relevant to an investigation and supports a specific finding
or determination is the definition of __________.
BackTrack - CORRECT ANSWER __________ is a Linux Live CD that you use to boot
a system and then use the tools. It is a free Linux distribution, making it extremely
attractive to schools teaching forensics or laboratories on a strict budget.
, temporary data - CORRECT ANSWER What name is given to data that an operating
system creates and overwrites without the computer user taking a direct action to
save this data?
Physical analysis - CORRECT ANSWER __________ is offline analysis conducted on
an evidence disk or forensic duplicate after booting from a CD or another system.
host protected area - CORRECT ANSWER What was designed as an area where
computer vendors could store data that is shielded from user activities and
operating system utilities, such as delete and format?
4.7 - CORRECT ANSWER A one-sided DVD (or digital video disc) can hold
__________ gigabytes.
RAID 3 or 4 - CORRECT ANSWER What version of RAID are the following
descriptors? Striped disks with dedicated parity combine three or more disks in a
way that protects data against loss of any one disk. Fault tolerance is achieved by
adding an extra disk to the array and dedicating it to storing parity information.
The storage capacity of the array is reduced by one disk.
steganography - CORRECT ANSWER The art and science of writing hidden
messages is the definition of what?
RSA - CORRECT ANSWER __________ is perhaps the most widely used public key
cryptography algorithm in existence today.
