What file structure database would you expect to find on floppy disks?

A. NTFS
B. FAT32
C. FAT16
D. FAT12

Answer: D

December 21, 2020

E-mail logs contain which of the following information to help you in your investigation? (Choose four.)

A. user account that was used to send the account
B. attachments sent with the e-mail message
C. unique message identifier
D. contents of the e-mail message
E. date and time the message was...

December 20, 2020

Which response organization tracks hoaxes as well as viruses?

A. NIPC
B. FEDCIRC
C. CERT
D. CIAC

Answer: D

December 20, 2020

What type of attack occurs when an attacker can force a router to stop forwarding packets by flooding the router with many open connections simultaneously so that all the hosts behind the router are effectively disabled?

A. digital attack
B. denial of service
C. physical attack
D. ARP redirect

Answer:...

December 20, 2020

In a forensic examination of hard drives for digital evidence, what type of user is most likely to have the most file slack to analyze?

A. one who has NTFS 4 or 5 partitions
B. one who uses dynamic swap file capability
C. one who uses hard disk writes on...

December 19, 2020

Corporate investigations are typically easier than public investigations because:

A. the users have standard corporate equipment and software
B. the investigator does not have to get a warrant
C. the investigator has to get a warrant
D. the users can load whatever they want on their machines

Answer: B

December 19, 2020

What can you do to prove that the evidence is the same as it was when it first entered the lab?

You are assigned to work in the computer forensics lab of a state police agency. While working on a high-profile criminal case, you have followed every applicable procedure; however, your boss is still concerned that the defense attorney might question whether evidence has been changed while at the lab. What...

December 19, 2020

What binary coding is used most often for e-mail purposes?

A. MIME
B. Uuencode
C. IMAP
D. SMTP

Answer: A

December 19, 2020

When investigating a network that uses DHCP to assign IP addresses, where would you look to determine which system (MAC address) had a specific IP address at a specific time?

A. on the individual computer's ARP cache
B. in the Web Server log files
C. in the DHCP Server log...

December 18, 2020

The following excerpt is taken from a honeypot log. The log captures activities across three days.

There are several intrusion attempts; however, a few are successful. (Note: The objective of this question is to test whether the student can read basic information from log entries and interpret the nature of attack.) Apr 24...

December 18, 2020