D431 Digital Forensics | Questions and Answers
Questions in this set (50)
Which law requires both parties to ECPA (Electronic Communications Privacy Act)
consent to the recording of a
conversation?
Which law is related to the Health Insurance Portability and Accountability Act (HIPAA)
disclosure of personally
identifiable protected health
information (PHI)?
Which U.S. law criminalizes the 18 U.S.C. 2252B
act of knowingly using a
misleading domain name with the
intent to deceive a minor into
viewing harmful material?
Which U.S. law protects journalists The Privacy Protection Act (PPA)
from turning over their work or
sources to law enforcement
before the information is
shared with the public?
Which law or guideline lists the NIST SP 800-72 Guidelines
four states a mobile device can
be in when data is extracted
from it?
Which law includes a provision Communications Assistance to Law Enforcement Act (CALEA)
permitting the wiretapping of
VoIP calls?
Which policy is included in the The email sender must provide some mechanism whereby the
CAN-SPAM Act? receiver can opt out of future emails and that method cannot require
the receiver to pay in order to opt out.
Which United States law Communication Assistance to Law Enforcement Act (CALEA)
requires telecommunications
equipment manufacturers to
provide built-in surveillance
capabilities for federal agencies?
, Which law requires a search The Fourth Amendment to the U.S. Constitution
warrant or one of the recognized
exceptions to the search
warrant requirements for
searching email messages on a
computer?
Where are local passwords stored SAM file in \Windows\System32\
for the Windows operating
system?
Where on a Windows system is C:\Windows\System32
the config folder located that
contains the SAM file?
A forensic examiner wants to try Registry
to extract passwords for wireless
networks to which a system was
connected. Where should
passwords for wireless networks
be stored
on a Windows XP system?
Which Windows password Ophcrack
cracking tool uses rainbow
tables?
How does a rainbow table work It uses a table of all possible keyboard combinations and their hash
to crack a password? values, then searches for a match.
What should a forensic Email header
investigator use to gather the
most reliable routing information
for tracking an email message?
Which activity involves email Determining the ownership of the source email server
tracing?
A forensic examiner reviews a /var/log
laptop running OS X which has
been compromised. The
examiner wants to know if there
were any mounted volumes
created from USB drives. Which
digital evidence should be
reviewed?
Which log or folder contains /var/spool/cups
information about printed
documents on a computer
running Mac OS X?
Which Windows event log Security
should be checked for
evidence of invalid logon
attempts?
A cyber security organization /Library/Receipts
has issued a warning about a
cybercriminal who is using a
known vulnerability to attack
Questions in this set (50)
Which law requires both parties to ECPA (Electronic Communications Privacy Act)
consent to the recording of a
conversation?
Which law is related to the Health Insurance Portability and Accountability Act (HIPAA)
disclosure of personally
identifiable protected health
information (PHI)?
Which U.S. law criminalizes the 18 U.S.C. 2252B
act of knowingly using a
misleading domain name with the
intent to deceive a minor into
viewing harmful material?
Which U.S. law protects journalists The Privacy Protection Act (PPA)
from turning over their work or
sources to law enforcement
before the information is
shared with the public?
Which law or guideline lists the NIST SP 800-72 Guidelines
four states a mobile device can
be in when data is extracted
from it?
Which law includes a provision Communications Assistance to Law Enforcement Act (CALEA)
permitting the wiretapping of
VoIP calls?
Which policy is included in the The email sender must provide some mechanism whereby the
CAN-SPAM Act? receiver can opt out of future emails and that method cannot require
the receiver to pay in order to opt out.
Which United States law Communication Assistance to Law Enforcement Act (CALEA)
requires telecommunications
equipment manufacturers to
provide built-in surveillance
capabilities for federal agencies?
, Which law requires a search The Fourth Amendment to the U.S. Constitution
warrant or one of the recognized
exceptions to the search
warrant requirements for
searching email messages on a
computer?
Where are local passwords stored SAM file in \Windows\System32\
for the Windows operating
system?
Where on a Windows system is C:\Windows\System32
the config folder located that
contains the SAM file?
A forensic examiner wants to try Registry
to extract passwords for wireless
networks to which a system was
connected. Where should
passwords for wireless networks
be stored
on a Windows XP system?
Which Windows password Ophcrack
cracking tool uses rainbow
tables?
How does a rainbow table work It uses a table of all possible keyboard combinations and their hash
to crack a password? values, then searches for a match.
What should a forensic Email header
investigator use to gather the
most reliable routing information
for tracking an email message?
Which activity involves email Determining the ownership of the source email server
tracing?
A forensic examiner reviews a /var/log
laptop running OS X which has
been compromised. The
examiner wants to know if there
were any mounted volumes
created from USB drives. Which
digital evidence should be
reviewed?
Which log or folder contains /var/spool/cups
information about printed
documents on a computer
running Mac OS X?
Which Windows event log Security
should be checked for
evidence of invalid logon
attempts?
A cyber security organization /Library/Receipts
has issued a warning about a
cybercriminal who is using a
known vulnerability to attack
