D431 - PreAssessment Based Practice Exam 2
In digital forensic The reliability and integrity of the 3 multiple choice
investigations, what does evidence collected options
the term "forensic
soundness" primarily refer
to?
Which of the following Acquiring only the files visible through 3 multiple choice
best describes a logical the operating system options
acquisition?
When performing a live Because volatile data may be lost once the system is
forensic analysis on a powered down or rebooted
running system, why is it
critical to record volatile 3 multiple choice options
data first?
Which tool is primarily Cellebrite UFED 3 multiple choice
used for forensic analysis options
of Android devices?
What is the primary To prevent the original data from being modified during
purpose of using a write acquisition
blocker during forensic 3 multiple choice options
acquisition?
Which forensic tool is Volatility Framework 3 multiple choice
renowned for options
analyzing memory
dumps to detect
, malware and
suspicious processes?
In network forensics, what To capture and analyze network traffic 3 multiple choice
is the primary function of a in real time options
packet sniffer?
What is "file slack" and why Unused space within a file's allocated clusters that may contain
is it important in forensic residual data
investigations? 3 multiple choice options
When examining an email They offer detailed routing and sender information
as forensic evidence, what essential for tracking the email's source
critical information do 3 multiple choice options
email headers provide?
In digital forensic practice, To capture the contents of volatile memory for subsequent
what is the primary analysis
purpose of performing a
memory dump? 3 multiple choice options
In digital forensic The reliability and integrity of the 3 multiple choice
investigations, what does evidence collected options
the term "forensic
soundness" primarily refer
to?
Which of the following Acquiring only the files visible through 3 multiple choice
best describes a logical the operating system options
acquisition?
When performing a live Because volatile data may be lost once the system is
forensic analysis on a powered down or rebooted
running system, why is it
critical to record volatile 3 multiple choice options
data first?
Which tool is primarily Cellebrite UFED 3 multiple choice
used for forensic analysis options
of Android devices?
What is the primary To prevent the original data from being modified during
purpose of using a write acquisition
blocker during forensic 3 multiple choice options
acquisition?
Which forensic tool is Volatility Framework 3 multiple choice
renowned for options
analyzing memory
dumps to detect
, malware and
suspicious processes?
In network forensics, what To capture and analyze network traffic 3 multiple choice
is the primary function of a in real time options
packet sniffer?
What is "file slack" and why Unused space within a file's allocated clusters that may contain
is it important in forensic residual data
investigations? 3 multiple choice options
When examining an email They offer detailed routing and sender information
as forensic evidence, what essential for tracking the email's source
critical information do 3 multiple choice options
email headers provide?
In digital forensic practice, To capture the contents of volatile memory for subsequent
what is the primary analysis
purpose of performing a
memory dump? 3 multiple choice options
