WGU C840 Digital Forensics Exam 153 Questions
with Verified Answers
Sniffer - CORRECT ANSWER The chief information officer of an accounting firm
believes sensitive data is being exposed on the local network. Which tool should
the IT staff use to gather digital evidence about this security vulnerability?
Sniffer
Tracer
Disk analyzer
Virus scanner
Obtain consent to search from the parents - CORRECT ANSWER A police detective
investigating a threat traces the source to a house. The couple at the house shows
the detective the only computer the family owns, which is in their son's bedroom.
The couple states that their son is presently in class at a local middle school.How
should the detective legally gain access to the computer?
Obtain consent to search from the parents
Seize the computer under the USA Patriot Act
Seize the computer under the Computer Security Act
Obtain a search warrant from the police
,By using the ipconfig command from a command prompt on the computer -
CORRECT ANSWER How should a forensic scientist obtain the network
configuration from a Windows PC before seizing it from a crime scene?
By using the ipconfig command from a command prompt on the computer
By using the tracert command from a command prompt on the computer
By installing a network packet sniffer on the computer
By logging into the router to which the PC is connected
Browser cache - CORRECT ANSWER The human resources manager of a small
accounting firm believes he may have been a victim of a phishing scam. The
manager clicked on a link in an email message that asked him to verify the logon
credentials for the firm's online bank account. Which digital evidence should a
forensic investigator collect to investigate this incident?
Browser cache
Security log
System log
Disk cache
Firewall logs - CORRECT ANSWER After a company's single-purpose, dedicated
messaging server is hacked by a cybercriminal, a forensics expert is hired to
investigate the crime and collect evidence. Which digital evidence should be
collected?
Firewall logs
, Web server logs
Phishing emails
Spam messages
Email messages - CORRECT ANSWER Thomas received an email stating that he
needed to follow a link and verify his bank account information to ensure it was
secure. Shortly after following the instructions, Thomas noticed money was
missing from his account. Which digital evidence should be considered to
determine how Thomas' account information was compromised?
Flash drive contents
Social media accounts
Email messages
Router logs
Network transaction logs - CORRECT ANSWER The chief executive officer (CEO) of
a small computer company has identified a potential hacking attack from an
outside competitor. Which type of evidence should a forensics investigator use to
identify the source of the hack?
Browser history
Email headers
Network transaction logs
Disk drive backups
with Verified Answers
Sniffer - CORRECT ANSWER The chief information officer of an accounting firm
believes sensitive data is being exposed on the local network. Which tool should
the IT staff use to gather digital evidence about this security vulnerability?
Sniffer
Tracer
Disk analyzer
Virus scanner
Obtain consent to search from the parents - CORRECT ANSWER A police detective
investigating a threat traces the source to a house. The couple at the house shows
the detective the only computer the family owns, which is in their son's bedroom.
The couple states that their son is presently in class at a local middle school.How
should the detective legally gain access to the computer?
Obtain consent to search from the parents
Seize the computer under the USA Patriot Act
Seize the computer under the Computer Security Act
Obtain a search warrant from the police
,By using the ipconfig command from a command prompt on the computer -
CORRECT ANSWER How should a forensic scientist obtain the network
configuration from a Windows PC before seizing it from a crime scene?
By using the ipconfig command from a command prompt on the computer
By using the tracert command from a command prompt on the computer
By installing a network packet sniffer on the computer
By logging into the router to which the PC is connected
Browser cache - CORRECT ANSWER The human resources manager of a small
accounting firm believes he may have been a victim of a phishing scam. The
manager clicked on a link in an email message that asked him to verify the logon
credentials for the firm's online bank account. Which digital evidence should a
forensic investigator collect to investigate this incident?
Browser cache
Security log
System log
Disk cache
Firewall logs - CORRECT ANSWER After a company's single-purpose, dedicated
messaging server is hacked by a cybercriminal, a forensics expert is hired to
investigate the crime and collect evidence. Which digital evidence should be
collected?
Firewall logs
, Web server logs
Phishing emails
Spam messages
Email messages - CORRECT ANSWER Thomas received an email stating that he
needed to follow a link and verify his bank account information to ensure it was
secure. Shortly after following the instructions, Thomas noticed money was
missing from his account. Which digital evidence should be considered to
determine how Thomas' account information was compromised?
Flash drive contents
Social media accounts
Email messages
Router logs
Network transaction logs - CORRECT ANSWER The chief executive officer (CEO) of
a small computer company has identified a potential hacking attack from an
outside competitor. Which type of evidence should a forensics investigator use to
identify the source of the hack?
Browser history
Email headers
Network transaction logs
Disk drive backups
