Quiz On Forensics And Network Intrusion! CHFI Certification Test
This CHFI certification quiz is on forensics and network intrusion! When someone gains access to a network and its data without permission, there is a lot that they can do to it, and this is including but not limited to deleting, changing or sharing the data. As a certified forensic, you should be able to trace this intrusion and mark where it is from. Try out the quiz and see if you can.
- 1.What is NOT a command used to determine open files?
- A.
Net file
- B.
PsFile
- C.
Openfiles
- D.
Open files
- 2.Which tool helps collect information about network connections operative in a Windows system?
- A.
Ipconfig
- B.
Nbtstat
- C.
Netstat
- D.
Ifconfig
- 3.Which is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples?
- A.
Volatile Extractor
- B.
Volatility Framework
- C.
Volatility Extractor
- D.
Volatile Framework
- 4.What prefetch does value 1 from the registry entry, EnablePrefetcher, tell the system to use?
- A.
Both application and boot prefetching are enabled.
- B.
Application prefetching is enabled.
- C.
Boot prefetching is enabled.
- D.
Prefetching is disabled.
- 5.What prefetch does value 3 from the registry entry, EnablePrefetcher, tell the system to use?
- A.
Both application and boot prefetching are enabled.
- B.
Prefetching is disabled.
- C.
Boot prefetching is enabled.
- D.
Application prefetching is enabled.
- 6.What tool enables you to retrieve information about event logs and publishers in Windows 10?
- A.
Regedit
- B.
EventViewer
- C.
Wevtutil
- D.
Msconfig
- 7.Which is NOT a log management system function?
- A.
Log reduction
- B.
Log compression
- C.
Log conversion
- D.
Log generation
- 8.What is NOT one of the three major concerns regarding log management?
- A.
Log creation and storage
- B.
Log viewing
- C.
Log analysis
- D.
Log protection and availability
- 9.Which is a type of network-based attack?
- A.
Eavesdropping
- B.
Phishing
- C.
Social engineering
- D.
Spamming
- 10.Which is NOT a valid type of digital evidence?
- A.
Text file
- B.
Application data
- C.
Executable file
- D.
DNA sample
- 11.What type of analysis do investigators perform to detect something that has already occurred in a network/device and determine what it is?
- A.
Real-time analysis
- B.
Past-time analysis
- C.
Premortem
- D.
Postmortem
- 12.Which of the following is an internal network vulnerability?
- A.
Spoofing
- B.
Enumeration
- C.
Eavesdropping
- D.
Bottleneck
- 13.Where can congressional security standards and guidelines be found, with an emphasis for federal agencies, for the development, documentation, and implementation of organization-wide programs for information security?
- A.
HIPAA
- B.
FISMA
- C.
GLBA
- D.
PCI DSS
- 14.Which of the following includes security standards for health information?
- A.
PCI DSS
- B.
HIPAA
- C.
FISMA
- D.
GLBA
- 15.What is a proprietary information security standard for organizations that handle cardholder information for major debit, credit, prepaid, e-purse, ATM, and POS cards?
- A.
GLBA
- B.
PCI DSS
- C.
SOX
- D.
FISMA
- 16.Which is NOT an indication of a web attack?
- A.
Access denied to normally available web services
- B.
Web pages redirected to an unknown website
- C.
Network performance being unusually slow
- D.
Logs found to have no known anomalies
- 17.Which of the three different files storing data and logs in SQL servers is optional?
- A.
MDF
- B.
NDF
- C.
PDF
- D.
LDF
- 18.What file format is used by Windows Vista and later versions to store event logs as simple text files in XML format?
- A.
TXTX
- B.
EVTX
- C.
.log
- D.
.txt
- 19.What layer of web application architecture contains components that parse the request (HTTP Request Parser) coming in and forwards the response back?
- A.
Web server layer
- B.
Client layer
- C.
Database layer
- D.
Business layer
- 20.What layer of web application architecture is composed of cloud services which hold all commercial transactions and a server that supplies an organization’s production data in a structured form?
- A.
Business layer
- B.
Web server layer
- C.
Client layer
- D.
Database layer
- 21.Which web application threat refers to the modification of a website’s remnant data for bypassing security measures or gaining unauthorized information?
- A.
Information leakage
- B.
Buffer overflow
- C.
SQL injection
- D.
Cookie poisoning
- 22.Which web application threat refers to a drawback in a web application where it unintentionally reveals sensitive data to an unauthorized user?
- A.
SQL injection
- B.
Cookie poisoning
- C.
Information leakage
- D.
Buffer overflow
- 23.Which web application threat refers to vulnerable management functions, including user updates, recovery of passwords, or resetting passwords?
- A.
Broken account management
- B.
Cookie poisoning
- C.
SQL injection
- D.
Buffer overflow
- 24.Which web application threat occurs when attackers insert commands via input data and are able to tamper with the data?
- A.
Buffer overflow
- B.
SQL injection
- C.
Cookie poisoning
- D.
Denial-of-service
- 25.Which web application threat is a method intended to terminate website or server operations by making resources unavailable to clients?
- A.
Cookie poisoning
- B.
Buffer overflow
- C.
SQL injection
- D.
Denial-of-service
Related Topics
Recent Quizzes
Featured Quizzes
Popular Topics
- ACA Quizzes
- ACCA Quizzes
- ACE Quizzes
- BCBA Quizzes
- CCP Quizzes
- CDC Quizzes
- CDCs Quizzes
- CEH Quizzes
- CISA Quizzes
- CISCO Quizzes
- CISSP Quizzes
- CompTIA Quizzes
- CPA Quizzes
- CPAT Quizzes
- CPFA Quizzes
- CPP Quizzes
- CPS Quizzes
- CPT Quizzes
- CSA Quizzes
- CSET Quizzes
- CST Quizzes
- CSWIP Quizzes
- FTCE Quizzes
- HIPAA Quizzes
- IAHCSMM Quizzes
- ISTQB Quizzes
- LEED Ga Quizzes
- MBLEx Quizzes
- NCIDQ Quizzes
- PMP Quizzes
- PRAXIS Quizzes
- PTCB Quizzes
- Six Sigma Quizzes
- TEAS Quizzes
Back to top