- All Exams Instant Download
What area of the law is the employee violating?
You are working for a large clothing manufacturer as a computer forensics investigator and are called in to investigate an unusual case of an employee possibly stealing clothing designs from the company and selling them under a different brand name for a different company. What you discover during the course of...
Which is a standard procedure to perform during all computer forensics investigations?
Which is a standard procedure to perform during all computer forensics investigations?A . with the hard drive removed from the suspect PC, check the date and time in the system's CMOSB . with the hard drive in the suspect PC, check the date and time in the File Allocation TableC...
Diskcopy is:
Diskcopy is:A . a utility by AccessDataB . a standard MS-DOS commandC . Digital Intelligence utilityD . dd copying toolView AnswerAnswer: B Explanation: diskcopy is a STANDARD DOS utility. C:WINDOWS>diskcopy /? Copies the contents of one floppy disk to another.
What does the acronym POST mean as it relates to a PC?
What does the acronym POST mean as it relates to a PC?A . Primary Operations Short TestB . PowerOn Self TestC . Pre Operational Situation TestD . Primary Operating System TestView AnswerAnswer: B
What is a Virtual Environment?
Bob has been trying to penetrate a remote production system for the past two weeks. This time however, he is able to get into the system. He was able to use the System for a period of three weeks. However, law enforcement agencies were recoding his every activity and this...
What is that code called?
Office documents (Word, Excel, PowerPoint) contain a code that allows tracking the MAC, or unique identifier, of the machine that created the document. What is that code called?A . the Microsoft Virtual Machine IdentifierB . the Personal Application ProtocolC . the Globally Unique IDD . the Individual ASCII StringView AnswerAnswer: C
If you discover a criminal act while investigating a corporate policy abuse, it becomes a publicsector investigation and should be referred to law enforcement?
If you discover a criminal act while investigating a corporate policy abuse, it becomes a publicsector investigation and should be referred to law enforcement?A . trueB . falseView AnswerAnswer: A
From the following spam mail header, identify the host IP that sent this spam?
From the following spam mail header, identify the host IP that sent this spam? From [email protected] [email protected] Tue Nov 27 17:27:11 2001 Received: from viruswall.ie.cuhk.edu.hk (viruswall [137.189.96.52]) by eng.ie.cuhk.edu.hk (8.11.6/8.11.6) with ESMTP id fAR9RAP23061 for ; Tue, 27 Nov 2001 17:27:10 +0800 (HKT) Received: from mydomain.com (pcd249020.netvigator.com [203.218.39.20]) by viruswall.ie.cuhk.edu.hk (8.12.1/8.12.1) with SMTP id fAR9QXwZ018431 for ;...
What can the investigator do to prove the violation?
A suspect is accused of violating the acceptable use of computing resources, as he has visited adult websites and downloaded images. The investigator wants to demonstrate that the suspect did indeed visit these sites. However, the suspect has cleared the search history and emptied the cookie cache. Moreover, he has...
What method of computer forensics will allow you to trace all ever-established user accounts on a Windows 2000 sever the course of its lifetime?
What method of computer forensics will allow you to trace all ever-established user accounts on a Windows 2000 sever the course of its lifetime?A . forensic duplication of hard driveB . analysis of volatile dataC . comparison of MD5 checksumsD . review of SIDs in the RegistryView AnswerAnswer: C
