Collecting Evidence! Trivia Facts Quiz

By Kai_rul
Community Contributor
Quizzes Created: 2 | Total Attempts: 17,288
Questions: 10 | Attempts: 67



To test your understanding of the subject


Questions and Answers
  • 1. 

    What is the first step the investigator needs to take when he/she enters the crime scene?

    • A.

      Clone the hard drive

    • B.

      Unplug/remove all Ethernet cables and modems to eliminate remote access

    • C.

      Identify evidence and potential containers of evidence

    • D.

      Labeling the potential evidence

    Correct Answer
    C. Identify evidence and potential containers of evidence
    Explanation
    The first step that the investigator needs to do when entering the crime scene is to identify evidence and potential containers of evidence. This is crucial in order to preserve and collect any relevant items that may be used in the investigation. By identifying the evidence and potential containers, the investigator can ensure that nothing is overlooked or tampered with, and can proceed with the necessary steps to properly handle and analyze the evidence.


  • 2. 

    Which of the following is TRUE about describing the evidence:
    I- Must describe by type
    II- Note if the device is connected to other devices
    III- Must describe by serial number
    IV- Note whether the device is on or off

    • A.

      I and III

    • B.

      II and IV

    • C.

      I, III and IV

    • D.

      All above

    Correct Answer
    A. I and III
    Explanation
    The correct answer is I and III. This means that when describing the evidence, it is true that it must be described by type (I) and by serial number (III).


  • 3. 

    Which of the following DOES NOT belong to Volatile Evidence?

    • A.

      RAM

    • B.

      USB Storage

    • C.

      Network connection

    • D.

      Open files

    Correct Answer
    B. USB Storage
    Explanation
    USB storage does not belong to volatile evidence because volatile evidence refers to data that is stored in temporary memory and is lost when the power is turned off or the device is restarted. USB storage is a form of non-volatile evidence as it retains data even when the power is off. RAM, network connection, and open files are examples of volatile evidence as they are temporary and can be lost when the device is powered off.


  • 4. 

    dd.exe if= .................. of= .....................
    Fill in the blanks with the correct answer.

    • A.

      Input image, Destination image

    • B.

      Destination image, input image

    • C.

      Input image, input image

    • D.

      Destination image, destination image

    Correct Answer
    A. Input image, Destination image
    Explanation
    The correct answer is "Input image, Destination image". In the given command, "if=" stands for "input file" and "of=" stands for "output file". Therefore, "dd.exe if= input image of= destination image" indicates that the input image is being copied to the destination image.


  • 5. 

    Arrange the following steps for cloning the hard drive in the correct order:
    I- Protect the cloning process with write block
    II- Forensically clean the drive (wipe)
    III- Clone the drive using a tool (hardware/software)

    • A.

      III,II,I

    • B.

      II, I, III

    • C.

      I, II, III

    • D.

      II,III,I

    Correct Answer
    B. II, I, III
    Explanation
    The correct order for cloning the hard drive is to first forensically clean the drive (wipe) to ensure any previous data is removed. Next, protect the cloning process with write block to prevent any accidental changes or modifications to the original drive. Finally, clone the drive using a tool (hardware/software) to create an exact copy of the original drive.


  • 6. 

    Arrange the following evidence in order of volatility (most volatile to least volatile):
    I- Cache
    II- Memory
    III- Archive media
    IV- HDD
    V- Pagefiles

    • A.

      I,II,III,IV, V

    • B.

      I,III,II,IV,V

    • C.

      I,II,V,IV,III

    • D.

      I,II,IV,V,III

    Correct Answer
    C. I,II,V,IV,III
    Explanation
    The correct answer is I,II,V,IV,III. The order of volatility refers to the order in which different types of evidence should be collected in a digital investigation, based on their volatility or likelihood of being lost or altered. In this case, cache (I) is the most volatile, followed by memory (II), pagefiles (V), HDD (IV), and archive media (III) being the least volatile. This order ensures that the most volatile evidence is collected first to minimize the risk of loss or alteration.


  • 7. 

    In order to protect the cell phone from network signals, we must place the phone in ............

    Correct Answer
    Faraday bag
    Explanation
    A Faraday bag is a specially designed bag that is made of conductive material, which blocks electromagnetic signals from entering or leaving the bag. When a cell phone is placed inside a Faraday bag, it is shielded from network signals, preventing it from receiving calls, messages, or any other wireless communication. This can be useful in situations where you want to ensure privacy, prevent tracking, or avoid interference with sensitive equipment.


  • 8. 

    If the phone is on, we need to switch it off before preserving it.

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    The statement is incorrect. If the phone is already on, there is no need to switch it off before preserving it. Preserving the phone can be done regardless of its current power status.


  • 9. 

    Which of the following are TRUE about taking notes while collecting evidence?
    I- The notes should focus on what you do and observe at the scene
    II- You can draw conclusions based on your observations in the notes
    III- One method of taking notes is in chronological order
    IV- Write the condition of the evidence in the notes

    • A.

      I and III

    • B.

      I,III and IV

    • C.

      I,II, and III

    • D.

      All above

    Correct Answer
    B. I,III and IV
    Explanation
    When collecting evidence, it is important to take notes that focus on what you do and observe at the scene (I). This helps in accurately documenting the actions and observations made during the collection process. Additionally, one of the methods in taking notes is by organizing them in chronological order (III), which helps in maintaining a clear timeline of events. Lastly, it is crucial to write down the condition of the evidence on the notes (IV), as this information is vital for later analysis and interpretation. Therefore, the correct answer is I, III, and IV.


  • 10. 

    What are the reasons for difficulty in identifying evidence at the crime scene?

    • A.

      Small-scale devices

    • B.

      Non-traditional storage media

    • C.

      The data within the storage media are volatile

    • D.

      Multiple possible crime scenes

    Correct Answer(s)
    A. Small-scale devices
    B. Non-traditional storage media
    D. Multiple possible crime scenes
    Explanation
    The difficulty in identifying evidence at a crime scene can be attributed to several factors. Firstly, the use of small scale devices makes it challenging to locate and collect evidence as they can easily be concealed or misplaced. Additionally, the presence of non-traditional storage media, such as cloud storage or encrypted files, adds complexity to the investigation process as accessing and analyzing these sources may require specialized knowledge and tools. Moreover, the data within storage media are often volatile, meaning they can be easily altered or deleted, making it harder to obtain reliable evidence. Lastly, when multiple possible crime scenes are involved, it becomes more difficult to determine which locations hold crucial evidence, requiring thorough examination and coordination among investigators.
