2
C702 Newest updated Exam with precise detailed
|| || || || || || ||
solutions
Which web application weakness allows sensitive data to be unintentionally revealed to an
|| || || || || || || || || || || || ||
unauthorized user? || ||
A. Broken Access Control
|| || ||
B. Information Leakage
|| ||
C. Buffer Overflow
|| ||
D. Improper Error Handling - ✔✔B
|| || || || ||
Which situation leads to a civil investigation?
|| || || || || || ||
A. Disputes between two parties that relate to a contract violation
|| || || || || || || || || ||
B. Violations of laws that are considered to be harmful to society
|| || || || || || || || || || ||
C. Misconduct based on incorrectly following policies and procedures
|| || || || || || || ||
D. Disagreement between business partners on communication protocols - ✔✔A
|| || || || || || || || ||
What is a benefit of forensic readiness?
|| || || || || || ||
A. Establishes procedures for fast and efficient investigations
|| || || || || || ||
B. Reduces the need for interface with law enforcement
|| || || || || || || ||
C. Eliminates the need to follow regulatory requirements
|| || || || || || ||
D. Ensures maximum regulatory fines for data disclosure - ✔✔A
|| || || || || || || || ||
What should be considered when creating a forensic readiness plan?
|| || || || || || || || || ||
,2
A. Source of the evidence
|| || || ||
B. Pertinence of the evidence
|| || || ||
C. Problems that the evidence might cause in court
|| || || || || || || ||
D. Determination of which evidence to include in the report - ✔✔A
|| || || || || || || || || || ||
Which rule does a forensic investigator need to follow?
|| || || || || || || || ||
A. Use only original evidence during analysis
|| || || || || ||
B. Use well-known standard procedures
|| || || ||
C. Discuss the case with the media
|| || || || || ||
D. Include opinions with notes during analysis - ✔✔B
|| || || || || || || ||
What is the focus of Locard's exchange principle?
|| || || || || || ||
A. Any action taken should avoid changing data held on a digital device
|| || || || || || || || || || || ||
B. Anyone entering a crime scene takes something with them and leaves something behind
|| || || || || || || || || || || || ||
C. A record of all actions should be made so an independent investigator can verify the results
|| || || || || || || || || || || || || || || ||
D. The investigator has the responsibility to follow the rules of evidence - ✔✔B
|| || || || || || || || || || || || ||
What is the focus of the theory of investigation (ETI)?
|| || || || || || || || ||
A. Criminals commit a crime solely for their own benefit
|| || || || || || || || ||
B. Every crime should be investigated as an individual incident
|| || || || || || || || ||
C. Forensics can be used to identify the threat actor in a crime
|| || || || || || || || || || || ||
D. Solving one crime can tie it back to a criminal organization's activities - ✔✔D
|| || || || || || || || || || || || || ||
What allows for a lawful search to be conducted without a warrant or probable cause?
|| || || || || || || || || || || || || || ||
,2
A. Imminent destruction of evidence
|| || || || ||
B. Initial search of the scene
|| || || || ||
C. Consent of person with authority
|| || || || || ||
D. Obtained witness signatures - ✔✔C
|| || || || ||
A forensic investigator is tasked with retrieving evidence where the primary server has been
|| || || || || || || || || || || || || ||
erased. The investigator needs to rely on network logs and backup tapes to base their conclusion
|| || || || || || || || || || || || || || || ||
on while testifying in court.
|| || || ||
Which information found in the rules of evidence, Rule 1001, helps determine if this testimony is
|| || || || || || || || || || || || || || || ||
acceptable to the court? || || || ||
A. Definition of original evidence
|| || || ||
B. Requirements of original evidence
|| || || ||
C. Admissibility of duplicate evidence
|| || || ||
D. Admissibility of other evidence - ✔✔A
|| || || || || ||
When can a forensic investigator collect evidence without formal consent?
|| || || || || || || || || ||
A. When properly worded banners are displayed on the computer screen
|| || || || || || || || || ||
B. When the suspect is a minor and lives with parents or guardians
|| || || || || || || || || || || ||
C. When devices are owned by a company and provisioned to its employees
|| || || || || || || || || || || ||
D. When multiple people use the same equipment for daily work - ✔✔A
|| || || || || || || || || || || ||
What do some states require before beginning a forensic investigation?
|| || || || || || || || || ||
A. License
||
, 2
B. References
||
C. Indemnity insurance
|| ||
D. Background Check - ✔✔A
|| || || ||
Which law protects customers' sensitive data by requiring financial institutions to inform their
|| || || || || || || || || || || || ||
customers of their information-sharing practices?
|| || || || ||
A. Federal Information Security Modernization Act (FISMA)
|| || || || || ||
B. General Data Protection Regulation (GDPR)
|| || || || ||
C. Sarbanes-Oxley Act (SOX)
|| || ||
D. Gramm-Leach-Bliley Act (GLBA) - ✔✔D
|| || || || ||
Who determines whether a forensic investigation should take place if a situation is undocumented
|| || || || || || || || || || || || || ||
in the standard operation procedures?
|| || || || ||
A. Decision maker
|| ||
B. Attorney
||
C. Incident responder
|| ||
D. Examiner - ✔✔A
|| || ||
What should a forensic lab do to maintain quality assurance duing a digital forensic investigation?
|| || || || || || || || || || || || || ||
||
A. Conduct validity testing on the tools
|| || || || || ||
B. Download the latest version of the tools
|| || || || || || ||
C. Use only open-source tools
|| || || ||
D. Use only proprietary tools - ✔✔A
|| || || || || ||
What is a common task of a computer forensic investigator?
|| || || || || || || || || ||
C702 Newest updated Exam with precise detailed
|| || || || || || ||
solutions
Which web application weakness allows sensitive data to be unintentionally revealed to an
|| || || || || || || || || || || || ||
unauthorized user? || ||
A. Broken Access Control
|| || ||
B. Information Leakage
|| ||
C. Buffer Overflow
|| ||
D. Improper Error Handling - ✔✔B
|| || || || ||
Which situation leads to a civil investigation?
|| || || || || || ||
A. Disputes between two parties that relate to a contract violation
|| || || || || || || || || ||
B. Violations of laws that are considered to be harmful to society
|| || || || || || || || || || ||
C. Misconduct based on incorrectly following policies and procedures
|| || || || || || || ||
D. Disagreement between business partners on communication protocols - ✔✔A
|| || || || || || || || ||
What is a benefit of forensic readiness?
|| || || || || || ||
A. Establishes procedures for fast and efficient investigations
|| || || || || || ||
B. Reduces the need for interface with law enforcement
|| || || || || || || ||
C. Eliminates the need to follow regulatory requirements
|| || || || || || ||
D. Ensures maximum regulatory fines for data disclosure - ✔✔A
|| || || || || || || || ||
What should be considered when creating a forensic readiness plan?
|| || || || || || || || || ||
,2
A. Source of the evidence
|| || || ||
B. Pertinence of the evidence
|| || || ||
C. Problems that the evidence might cause in court
|| || || || || || || ||
D. Determination of which evidence to include in the report - ✔✔A
|| || || || || || || || || || ||
Which rule does a forensic investigator need to follow?
|| || || || || || || || ||
A. Use only original evidence during analysis
|| || || || || ||
B. Use well-known standard procedures
|| || || ||
C. Discuss the case with the media
|| || || || || ||
D. Include opinions with notes during analysis - ✔✔B
|| || || || || || || ||
What is the focus of Locard's exchange principle?
|| || || || || || ||
A. Any action taken should avoid changing data held on a digital device
|| || || || || || || || || || || ||
B. Anyone entering a crime scene takes something with them and leaves something behind
|| || || || || || || || || || || || ||
C. A record of all actions should be made so an independent investigator can verify the results
|| || || || || || || || || || || || || || || ||
D. The investigator has the responsibility to follow the rules of evidence - ✔✔B
|| || || || || || || || || || || || ||
What is the focus of the theory of investigation (ETI)?
|| || || || || || || || ||
A. Criminals commit a crime solely for their own benefit
|| || || || || || || || ||
B. Every crime should be investigated as an individual incident
|| || || || || || || || ||
C. Forensics can be used to identify the threat actor in a crime
|| || || || || || || || || || || ||
D. Solving one crime can tie it back to a criminal organization's activities - ✔✔D
|| || || || || || || || || || || || || ||
What allows for a lawful search to be conducted without a warrant or probable cause?
|| || || || || || || || || || || || || || ||
,2
A. Imminent destruction of evidence
|| || || || ||
B. Initial search of the scene
|| || || || ||
C. Consent of person with authority
|| || || || || ||
D. Obtained witness signatures - ✔✔C
|| || || || ||
A forensic investigator is tasked with retrieving evidence where the primary server has been
|| || || || || || || || || || || || || ||
erased. The investigator needs to rely on network logs and backup tapes to base their conclusion
|| || || || || || || || || || || || || || || ||
on while testifying in court.
|| || || ||
Which information found in the rules of evidence, Rule 1001, helps determine if this testimony is
|| || || || || || || || || || || || || || || ||
acceptable to the court? || || || ||
A. Definition of original evidence
|| || || ||
B. Requirements of original evidence
|| || || ||
C. Admissibility of duplicate evidence
|| || || ||
D. Admissibility of other evidence - ✔✔A
|| || || || || ||
When can a forensic investigator collect evidence without formal consent?
|| || || || || || || || || ||
A. When properly worded banners are displayed on the computer screen
|| || || || || || || || || ||
B. When the suspect is a minor and lives with parents or guardians
|| || || || || || || || || || || ||
C. When devices are owned by a company and provisioned to its employees
|| || || || || || || || || || || ||
D. When multiple people use the same equipment for daily work - ✔✔A
|| || || || || || || || || || || ||
What do some states require before beginning a forensic investigation?
|| || || || || || || || || ||
A. License
||
, 2
B. References
||
C. Indemnity insurance
|| ||
D. Background Check - ✔✔A
|| || || ||
Which law protects customers' sensitive data by requiring financial institutions to inform their
|| || || || || || || || || || || || ||
customers of their information-sharing practices?
|| || || || ||
A. Federal Information Security Modernization Act (FISMA)
|| || || || || ||
B. General Data Protection Regulation (GDPR)
|| || || || ||
C. Sarbanes-Oxley Act (SOX)
|| || ||
D. Gramm-Leach-Bliley Act (GLBA) - ✔✔D
|| || || || ||
Who determines whether a forensic investigation should take place if a situation is undocumented
|| || || || || || || || || || || || || ||
in the standard operation procedures?
|| || || || ||
A. Decision maker
|| ||
B. Attorney
||
C. Incident responder
|| ||
D. Examiner - ✔✔A
|| || ||
What should a forensic lab do to maintain quality assurance duing a digital forensic investigation?
|| || || || || || || || || || || || || ||
||
A. Conduct validity testing on the tools
|| || || || || ||
B. Download the latest version of the tools
|| || || || || || ||
C. Use only open-source tools
|| || || ||
D. Use only proprietary tools - ✔✔A
|| || || || || ||
What is a common task of a computer forensic investigator?
|| || || || || || || || || ||
