- All Exams Instant Download
In the context of file deletion process, which of the following statement holds true?
In the context of file deletion process, which of the following statement holds true?A . When files are deleted, the data is overwritten and the cluster marked as availableB . The longer a disk is in use, the less likely it is that deleted files will be overwrittenC . While...
How many law-enforcement computer investigators should you request to staff the lab?
You are working for a local police department that services a population of 1,000,000 people and you have been given the task of building a computer forensics lab. How many law-enforcement computer investigators should you request to staff the lab?A . 8B . 1C . 4D . 2View AnswerAnswer: C
The newer Macintosh Operating System is based on:
The newer Macintosh Operating System is based on:A . OS/2B . BSD UnixC . LinuxD . Microsoft WindowsView AnswerAnswer: B
During the course of an investigation, you locate evidence that may prove the innocence of the suspect of the investigation. You must maintain an unbiased opinion and be objective in your entire fact finding process. Therefore, you report this evidence.
During the course of an investigation, you locate evidence that may prove the innocence of the suspect of the investigation. You must maintain an unbiased opinion and be objective in your entire fact finding process. Therefore, you report this evidence. This type of evidence is known as:A . Inculpatory evidenceB ....
In what way do the procedures for dealing with evidence in a criminal case differ from the procedures for dealing with evidence in a civil case?
In what way do the procedures for dealing with evidence in a criminal case differ from the procedures for dealing with evidence in a civil case?A . evidence must be handled in the same way regardless of the type of caseB . evidence procedures are not important unless you work...
Why should you note all cable connections for a computer you want to seize as evidence?
Why should you note all cable connections for a computer you want to seize as evidence?A . to know what outside connections existedB . in case other devices were connectedC . to know what peripheral devices existD . to know what hardware existedView AnswerAnswer: A
A(n) _____________________ is one that's performed by a computer program rather than the attacker manually performing the steps in the attack sequence.
A(n) _____________________ is one that's performed by a computer program rather than the attacker manually performing the steps in the attack sequence.A . blackout attackB . automated attackC . distributed attackD . central processing attackView AnswerAnswer: B
When performing a forensics analysis, what device is used to prevent the system from recording data on an evidence disk?
When performing a forensics analysis, what device is used to prevent the system from recording data on an evidence disk?A . a write-blockerB . a protocol analyzerC . a firewallD . a disk editorView AnswerAnswer: A
Windows identifies which application to open a file with by examining which of the following?
Windows identifies which application to open a file with by examining which of the following?A . The File extensionB . The file attributesC . The file Signature at the end of the fileD . The file signature at the beginning of the fileView AnswerAnswer: A
Which organization coordinates computer crimes investigations throughout the United States?
Jason is the security administrator of ACMA metal Corporation. One day he notices the company's Oracle database server has been compromised and the customer information along with financial data has been stolen. The financial loss will be in millions of dollars if the database gets into the hands of the...
