Quiz On Forensics And Network Intrusion! CHFI Certification Test

By Dale, Community Contributor
Questions: 50 | Attempts: 487


This CHFI certification quiz covers forensics and network intrusion. When someone gains access to a network and its data without permission, there is a lot they can do to it, including but not limited to deleting, changing, or sharing the data. As a certified forensic investigator, you should be able to trace this intrusion and determine where it came from. Try the quiz and see if you can.


Questions and Answers
  • 1. What is NOT a command used to determine open files?

    • A. Net file
    • B. PsFile
    • C. Openfiles
    • D. Open files

    Correct Answer
    D. Open files
    Explanation
    The command "Open files" is not used to determine open files. The other three options, "Net file," "PsFile," and "Openfiles," are all commands that can be used to determine open files.


  • 2. Which tool helps collect information about network connections operative in a Windows system?

    • A. Ipconfig
    • B. Nbtstat
    • C. Netstat
    • D. Ifconfig

    Correct Answer
    C. Netstat
    Explanation
    Netstat is a command-line tool used in Windows systems to gather information about network connections and network statistics. It displays active connections, listening ports, and various network-related information such as protocol statistics and routing tables. By using netstat, users can identify established connections, monitor network traffic, and troubleshoot network issues. Therefore, netstat is the correct tool for collecting information about network connections operative in a Windows system.


  • 3. Which is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples?

    • A. Volatile Extractor
    • B. Volatility Framework
    • C. Volatility Extractor
    • D. Volatile Framework

    Correct Answer
    B. Volatility Framework
    Explanation
    The correct answer is Volatility Framework. The Volatility Framework is a completely open collection of tools implemented in Python under the GNU General Public License. It is specifically designed for the extraction of digital artifacts from volatile memory (RAM) samples. The framework provides a wide range of capabilities for analyzing memory dumps, including the extraction of running processes, network connections, registry keys, and other valuable forensic information.


  • 4. What prefetch does value 1 from the registry entry, EnablePrefetcher, tell the system to use?

    • A. Both application and boot prefetching are enabled.
    • B. Application prefetching is enabled.
    • C. Boot prefetching is enabled.
    • D. Prefetching is disabled.

    Correct Answer
    B. Application prefetching is enabled.
    Explanation
    The value 1 from the registry entry, EnablePrefetcher, tells the system to enable application prefetching. Application prefetching is a feature in the system that predicts and loads the necessary files and data for faster application startup times. This means that when the system detects that a particular application is frequently used, it will proactively load the necessary resources into memory, resulting in improved performance when launching that application.


  • 5. What prefetch does value 3 from the registry entry, EnablePrefetcher, tell the system to use?

    • A. Both application and boot prefetching are enabled.
    • B. Prefetching is disabled.
    • C. Boot prefetching is enabled.
    • D. Application prefetching is enabled.

    Correct Answer
    A. Both application and boot prefetching are enabled.
    Explanation
    The value 3 for the registry entry EnablePrefetcher indicates that both application and boot prefetching are enabled. Prefetching is a technique used by the operating system to optimize the loading of frequently used files and applications. With both application and boot prefetching enabled, the system will pre-load commonly used applications and system files during startup and while running applications, resulting in faster performance.


  • 6. What tool enables you to retrieve information about event logs and publishers in Windows 10?

    • A. Regedit
    • B. EventViewer
    • C. Wevtutil
    • D. Msconfig

    Correct Answer
    C. Wevtutil
    Explanation
    Wevtutil is the correct answer because it is a command-line utility in Windows 10 that allows users to retrieve information about event logs and publishers. It provides various functionalities such as querying, exporting, and managing event logs on local or remote computers. Wevtutil is commonly used by system administrators and advanced users to troubleshoot and analyze events and logs in the Windows operating system.


  • 7. Which is NOT a log management system function?

    • A. Log reduction
    • B. Log compression
    • C. Log conversion
    • D. Log generation

    Correct Answer
    D. Log generation
    Explanation
    Log generation is not a log management system function because log management systems are designed to collect, store, analyze, and manage logs generated by various sources such as applications, servers, and network devices. Log generation refers to the process of creating new logs, which is typically done by the systems or applications themselves, rather than the log management system.


  • 8. What is NOT one of the three major concerns regarding log management?

    • A. Log creation and storage
    • B. Log viewing
    • C. Log analysis
    • D. Log protection and availability

    Correct Answer
    B. Log viewing
    Explanation
    Log viewing is not one of the three major concerns regarding log management. The three major concerns are log creation and storage, log analysis, and log protection and availability. Log viewing refers to the ability to access and view logs, which is important for troubleshooting and monitoring purposes, but it is not considered one of the primary concerns in log management.


  • 9. Which is a type of network-based attack?

    • A. Eavesdropping
    • B. Phishing
    • C. Social engineering
    • D. Spamming

    Correct Answer
    A. Eavesdropping
    Explanation
    Eavesdropping is a type of network-based attack where an unauthorized person intercepts and listens to private conversations or data transmissions on a network. This can be done by capturing and analyzing network traffic, exploiting vulnerabilities in network protocols, or using specialized tools. Eavesdropping allows attackers to gather sensitive information, such as passwords, personal data, or confidential business information, without the knowledge or consent of the individuals involved. It is a serious security threat that can lead to identity theft, financial loss, or unauthorized access to systems and resources.


  • 10. Which is NOT a valid type of digital evidence?

    • A. Text file
    • B. Application data
    • C. Executable file
    • D. DNA sample

    Correct Answer
    D. DNA sample
    Explanation
    DNA sample is not a valid type of digital evidence because it is a physical form of evidence, not a digital one. Digital evidence refers to any data or information that is stored or transmitted in a digital format, such as text files, application data, or executable files. DNA samples, on the other hand, are biological samples that are collected and analyzed in a laboratory using physical techniques, not digital ones. Therefore, DNA samples do not fall under the category of digital evidence.


  • 11. What type of analysis do investigators perform to detect something that has already occurred in a network/device and determine what it is?

    • A. Real-time analysis
    • B. Past-time analysis
    • C. Premortem
    • D. Postmortem

    Correct Answer
    D. Postmortem
    Explanation
    Investigators perform postmortem analysis to detect something that has already occurred in a network/device and determine what it is. Postmortem analysis involves examining the evidence and data logs after an event or incident has taken place. This analysis helps investigators understand the cause, impact, and extent of the incident, allowing them to identify the vulnerabilities and take necessary measures to prevent similar incidents in the future.


  • 12. Which of the following is an internal network vulnerability?

    • A. Spoofing
    • B. Enumeration
    • C. Eavesdropping
    • D. Bottleneck

    Correct Answer
    D. Bottleneck
    Explanation
    A bottleneck refers to a limitation or a point of congestion in a network where the flow of data is restricted. It can occur due to various reasons such as insufficient bandwidth, outdated hardware, or network congestion. This can lead to reduced network performance and can be exploited by attackers to disrupt or compromise the internal network. Therefore, a bottleneck can be considered as an internal network vulnerability.


  • 13. Where can congressional security standards and guidelines be found, with an emphasis for federal agencies, for the development, documentation, and implementation of organization-wide programs for information security?

    • A. HIPAA
    • B. FISMA
    • C. GLBA
    • D. PCI DSS

    Correct Answer
    B. FISMA
    Explanation
    FISMA stands for the Federal Information Security Management Act. It is a United States federal law that provides a framework for securing information systems within federal agencies. FISMA establishes security standards and guidelines for the development, documentation, and implementation of organization-wide programs for information security. Therefore, FISMA is the correct answer as it specifically addresses congressional security standards and guidelines for federal agencies.


  • 14. Which of the following includes security standards for health information?

    • A. PCI DSS
    • B. HIPAA
    • C. FISMA
    • D. GLBA

    Correct Answer
    B. HIPAA
    Explanation
    HIPAA (Health Insurance Portability and Accountability Act) includes security standards for health information. HIPAA is a federal law in the United States that aims to protect sensitive patient health information from being disclosed without the patient's consent or knowledge. It sets standards for the privacy and security of health information and requires healthcare providers, health plans, and healthcare clearinghouses to implement safeguards to protect patient data. HIPAA ensures that healthcare organizations have proper security measures in place to prevent unauthorized access, use, or disclosure of health information, thereby safeguarding patient privacy and confidentiality.


  • 15. What is a proprietary information security standard for organizations that handle cardholder information for major debit, credit, prepaid, e-purse, ATM, and POS cards?

    • A. GLBA
    • B. PCI DSS
    • C. SOX
    • D. FISMA

    Correct Answer
    B. PCI DSS
    Explanation
    PCI DSS stands for Payment Card Industry Data Security Standard. It is a proprietary information security standard designed to ensure the security of cardholder information for organizations that handle major debit, credit, prepaid, e-purse, ATM, and POS cards. PCI DSS provides guidelines and requirements for organizations to protect cardholder data, maintain a secure network, implement strong access control measures, regularly monitor and test networks, and maintain an information security policy. Compliance with PCI DSS is necessary for organizations that handle cardholder information to prevent data breaches and protect the sensitive information of cardholders.


  • 16. Which is NOT an indication of a web attack?

    • A. Access denied to normally available web services
    • B. Web pages redirected to an unknown website
    • C. Network performance being unusually slow
    • D. Logs found to have no known anomalies

    Correct Answer
    D. Logs found to have no known anomalies
    Explanation
    Logs found to have no known anomalies is NOT an indication of a web attack. In the context of web security, logs are used to track and monitor activities on a network. If logs are found to have no known anomalies, it suggests that there are no suspicious or malicious activities detected, indicating that there is no ongoing web attack. On the other hand, the other options listed (access denied to normally available web services, web pages redirected to an unknown website, and network performance being unusually slow) are all potential indicators of a web attack as they signify abnormal behavior or unauthorized access.


  • 17. Which of the three different files storing data and logs in SQL servers is optional?

    • A. MDF
    • B. NDF
    • C. PDF
    • D. LDF

    Correct Answer
    B. NDF
    Explanation
    The NDF (Secondary Data File) is an optional file in SQL servers. It is used to store user-defined data and can be added to a database to increase storage capacity. However, it is not necessary for the functioning of the database and its absence does not affect the basic operations. Therefore, the NDF file is considered optional in SQL servers.


  • 18. What file format is used by Windows Vista and later versions to store event logs as simple text files in XML format?

    • A. TXTX
    • B. EVTX
    • C. .log
    • D. .txt

    Correct Answer
    B. EVTX
    Explanation
    Windows Vista and later versions use the EVTX file format to store event logs as simple text files in XML format. This format allows for easy readability and analysis of the event logs, making it more convenient for troubleshooting and system monitoring purposes. The EVTX file format also provides a standardized way of storing event information, ensuring compatibility across different Windows operating systems.


  • 19. What layer of web application architecture contains components that parse the request (HTTP Request Parser) coming in and forwards the response back?

    • A. Web server layer
    • B. Client layer
    • C. Database layer
    • D. Business layer

    Correct Answer
    A. Web server layer
    Explanation
    The web server layer is responsible for handling incoming requests from clients and forwarding the appropriate response back. This layer contains components such as the HTTP Request Parser, which parses the request and extracts the necessary information. It then forwards this request to the appropriate component in the architecture for further processing. Therefore, the web server layer is the correct answer as it contains the components that handle request parsing and response forwarding.


  • 20. What layer of web application architecture is composed of cloud services which hold all commercial transactions and a server that supplies an organization’s production data in a structured form?

    • A. Business layer
    • B. Web server layer
    • C. Client layer
    • D. Database layer

    Correct Answer
    D. Database layer
    Explanation
    The database layer of web application architecture is composed of cloud services that store all commercial transactions and a server that provides an organization's production data in a structured form. This layer is responsible for managing and storing data, allowing the application to retrieve and manipulate information efficiently. It ensures data integrity, security, and accessibility for the web application.


  • 21. Which web application threat refers to the modification of a website’s remnant data for bypassing security measures or gaining unauthorized information?

    • A. Information leakage
    • B. Buffer overflow
    • C. SQL injection
    • D. Cookie poisoning

    Correct Answer
    D. Cookie poisoning
    Explanation
    Cookie poisoning refers to the modification of a website's remnant data, specifically the cookies, in order to bypass security measures or gain unauthorized information. This can be done by an attacker manipulating the content of the cookies, such as changing the values or adding malicious data. By doing so, the attacker can exploit vulnerabilities in the website's authentication or session management systems, potentially gaining access to sensitive information or unauthorized privileges.


  • 22. Which web application threat refers to a drawback in a web application where it unintentionally reveals sensitive data to an unauthorized user?

    • A. SQL injection
    • B. Cookie poisoning
    • C. Information leakage
    • D. Buffer overflow

    Correct Answer
    C. Information leakage
    Explanation
    Information leakage refers to a drawback in a web application where it unintentionally reveals sensitive data to an unauthorized user. This can occur due to vulnerabilities in the application's code or configuration, allowing an attacker to gain access to confidential information. SQL injection, cookie poisoning, and buffer overflow are all different types of web application threats, but they do not specifically refer to the unintentional disclosure of sensitive data.


  • 23. Which web application threat refers to vulnerable management functions, including user updates, recovery of passwords, or resetting passwords?

    • A. Broken account management
    • B. Cookie poisoning
    • C. SQL injection
    • D. Buffer overflow

    Correct Answer
    A. Broken account management
    Explanation
    Broken account management refers to the vulnerability in web applications where the management functions related to user updates, password recovery, and password resetting are not properly implemented or secured. This can allow attackers to exploit these functions and gain unauthorized access to user accounts, manipulate account settings, or bypass authentication mechanisms. It is important for web applications to have robust and secure account management practices to protect user accounts and prevent unauthorized access.


  • 24. Which web application threat occurs when attackers insert commands via input data and are able to tamper with the data?

    • A. Buffer overflow
    • B. SQL injection
    • C. Cookie poisoning
    • D. Denial-of-service

    Correct Answer
    B. SQL injection
    Explanation
    SQL injection is a web application threat where attackers insert malicious SQL commands into input data fields, such as forms, in order to manipulate or tamper with the data stored in the database. This can allow them to bypass authentication, access sensitive information, modify or delete data, or even execute arbitrary commands on the database server. By exploiting vulnerabilities in the application's input validation mechanisms, attackers can effectively control the SQL queries executed by the application, leading to potential security breaches.


  • 25. Which web application threat is a method intended to terminate website or server operations by making resources unavailable to clients?

    • A. Cookie poisoning
    • B. Buffer overflow
    • C. SQL injection
    • D. Denial-of-service

    Correct Answer
    D. Denial-of-service
    Explanation
    A denial-of-service attack is a web application threat that aims to disrupt or terminate website or server operations by overwhelming the resources available to clients. This can be achieved by flooding the target server with a high volume of requests or exploiting vulnerabilities in the server's infrastructure. The goal is to make the website or server unavailable to legitimate users, causing inconvenience or financial loss to the targeted organization.


  • 26. Which web application threat occurs when attackers bypass the client’s ID security mechanisms, gain access privileges, and inject malicious scripts into specific fields in web pages?

    • A. SQL injection
    • B. Buffer overflow
    • C. Cookie poisoning
    • D. Cross-site scripting

    Correct Answer
    D. Cross-site scripting
    Explanation
    Cross-site scripting (XSS) occurs when attackers bypass the client's ID security mechanisms and inject malicious scripts into specific fields in web pages. This allows them to gain access privileges and potentially manipulate or steal sensitive information from users. XSS attacks can be used to deliver malware, steal login credentials, or perform other malicious activities.


  • 27. Which web application threat occurs when an authenticated user is forced to perform certain tasks on the web application chosen by an attacker?

    • A. Cookie poisoning
    • B. Cross-site request forgery
    • C. SQL injection
    • D. Buffer overflow

    Correct Answer
    B. Cross-site request forgery
    Explanation
    Cross-site request forgery (CSRF) occurs when an authenticated user is tricked into performing unwanted actions on a web application chosen by an attacker. This is achieved by exploiting the trust that the web application has in the authenticated user's identity. The attacker may craft a malicious request that appears legitimate, leading the user's browser to unknowingly execute the request. CSRF attacks can result in unauthorized actions being performed on the user's behalf, such as changing account settings or making fraudulent transactions.


  • 28. What cloud service enables subscribers to use fundamental IT resources, such as computing power, virtualization, data storage, network, etc., on demand?

    • A. IaaS
    • B. AaaS
    • C. SaaS
    • D. PaaS

    Correct Answer
    A. IaaS
    Explanation
    IaaS stands for Infrastructure as a Service. It is a cloud service that allows subscribers to access and use fundamental IT resources on demand. This includes computing power, virtualization, data storage, network, and more. With IaaS, users can easily scale their resources up or down based on their needs, without the need to invest in and maintain physical infrastructure.


  • 29. What cloud service offers application software to subscribers on demand or over the internet and is charged for by the provider on a pay-per-use basis, by subscription, by advertising, or by sharing among multiple users?

    • A. AaaS
    • B. IaaS
    • C. PaaS
    • D. SaaS

    Correct Answer
    D. SaaS
    Explanation
    SaaS stands for Software as a Service. It is a cloud service that offers application software to subscribers on demand or over the internet. The provider charges for this service on a pay-per-use basis, by subscription, by advertising, or by sharing among multiple users.


  • 30. What is a cloud environment composed of two or more clouds that remain unique entities but are bound together to offer the benefits of multiple deployment models?

    • A. Private cloud
    • B. Hybrid cloud
    • C. Community cloud
    • D. Public cloud

    Correct Answer
    B. Hybrid cloud
    Explanation
    A hybrid cloud is a cloud environment composed of two or more clouds that remain unique entities but are bound together to offer the benefits of multiple deployment models. In a hybrid cloud, organizations can combine the flexibility and scalability of public clouds with the control and security of private clouds. This allows them to leverage the strengths of both deployment models, optimizing their resources and meeting specific business needs.


  • 31. Which cloud environment allows the provider to make services—such as applications, servers, and data storage—available to the public over the internet?

    • A. Community cloud
    • B. Public cloud
    • C. Hybrid cloud
    • D. Private cloud

    Correct Answer
    B. Public cloud
    Explanation
    A public cloud environment allows the provider to make services, such as applications, servers, and data storage, available to the public over the internet. This means that anyone with internet access can utilize these services without needing to have their own infrastructure or resources. Public cloud environments are typically managed by third-party providers and offer scalability, flexibility, and cost-effectiveness to users. They are suitable for organizations or individuals who require on-demand resources and do not need to maintain complete control over their infrastructure.


  • 32. Which of the following stakeholders is responsible for conducting forensic examinations against allegations made regarding wrongdoings, found vulnerabilities, and attacks over the cloud?

    • A. Incident handlers
    • B. Law advisors
    • C. Investigators
    • D. IT professionals

    Correct Answer
    C. Investigators
    Explanation
    Investigators are responsible for conducting forensic examinations against allegations made regarding wrongdoings, found vulnerabilities, and attacks over the cloud. They are trained professionals who gather and analyze evidence to determine the cause and extent of any security incidents. Incident handlers play a role in responding to and mitigating security incidents, while law advisors provide legal guidance. IT professionals may be involved in securing and maintaining cloud systems, but they are not specifically responsible for conducting forensic examinations.


  • 33. Which of the following stakeholders is responsible for making sure all the forensic activities are within the jurisdiction and not violating any regulations or agreements?

    • A. Investigators
    • B. Law advisors
    • C. IT professionals
    • D. Incident handlers

    Correct Answer
    B. Law advisors
    Explanation
    Law advisors are responsible for ensuring that all forensic activities are conducted within the jurisdiction and in compliance with regulations and agreements. They provide legal guidance and advice to investigators, IT professionals, and incident handlers to ensure that their actions do not violate any laws or regulations. Law advisors play a crucial role in ensuring that forensic activities are conducted ethically and legally.


  • 34. Which is a violation of the Controlling the Assault of Non-Solicited Pornography and Marketing Act?

    • A. Taking advantage of open relays or open proxies with permission
    • B. Accessing someone else’s computer to send spam mails with permission
    • C. Using legitimate information to register for multiple email accounts or domain names
    • D. Retransmitting spam messages through a computer to mislead others about the origin of the message

    Correct Answer
    D. Retransmitting spam messages through a computer to mislead others about the origin of the message
    Explanation
    Retransmitting spam messages through a computer to mislead others about the origin of the message is a violation of the Controlling the Assault of Non-Solicited Pornography and Marketing Act. This act, also known as the CAN-SPAM Act, prohibits the transmission of deceptive or misleading information in commercial emails. By retransmitting spam messages through a computer, the sender is intentionally misleading recipients about the true source of the message, which is a violation of the law.


  • 35. What is the primary information required for starting an email investigation?

    • A. The SMTP log
    • B. The date and time
    • C. The unique message
    • D. The unique IP address

    Correct Answer
    D. The unique IP address
    Explanation
    The primary information required for starting an email investigation is the unique IP address. This is because the IP address can provide valuable information about the origin and location of the email, helping investigators trace its source. The SMTP log, date and time, and unique message are also important in the investigation process, but the unique IP address is crucial in identifying the sender and gathering further evidence.


  • 36. What is NOT true of email crimes?

    • A. Email crime is not limited by the email organization.
    • B. Communication can occur without human intervention.
    • C. Forging the email header can hide the attacker’s identity.
    • D. Unsolicited commercial email is considered spam.

    Correct Answer
    A. Email crime is not limited by the email organization.
    Explanation
    Email crime is not limited by the email organization because email crimes can be committed by individuals or groups outside of the organization. These crimes can include phishing attacks, email scams, and spreading malware through email. Therefore, it is incorrect to say that email crimes are limited by the email organization.


  • 37. What is a common technique used to distribute malware on the web by injecting malware into legitimate-looking websites to trick users into selecting them?

    • A. Blackhat SEO
    • B. Drive-by downloads
    • C. Click-jacking
    • D. Malvertising

    Correct Answer
    C. Click-jacking
    Explanation
    Click-jacking is a common technique used to distribute malware on the web. It involves injecting malware into legitimate-looking websites to trick users into unknowingly selecting malicious elements. By overlaying transparent buttons or links on top of legitimate content, attackers can deceive users into clicking on them, which can lead to the installation of malware on their devices. This technique exploits the trust users have in familiar websites, making it easier for hackers to distribute malware without raising suspicion.


  • 38. 

    What is a common technique used to distribute malware on the web by mimicking legitimate institutions in an attempt to steal passwords, credit cards, and bank account data?

    • A.

      Drive-by downloads

    • B.

      Malvertising

    • C.

      Blackhat SEO

    • D.

      Spear phishing sites

    Correct Answer
    D. Spear phishing sites
    Explanation
    Spear phishing sites are a common technique used to distribute malware on the web by mimicking legitimate institutions. These sites trick users into entering sensitive information such as passwords, credit cards, and bank account data, which is then stolen by the attackers. Unlike regular phishing attacks that cast a wide net, spear phishing sites are specifically targeted towards individuals or organizations, making them more effective and difficult to detect.


  • 39. 

    What is a common technique used to distribute malware on the web when an attacker exploits flaws in browser software to install malware just by visiting a website?

    • A.

      Click-jacking

    • B.

      Drive-by downloads

    • C.

      Blackhat SEO

    • D.

      Malvertising

    Correct Answer
    B. Drive-by downloads
    Explanation
    A common technique used to distribute malware on the web is drive-by downloads. In this method, an attacker takes advantage of vulnerabilities in browser software to automatically install malware on a user's device when they visit a compromised website. This can happen without the user's knowledge or consent, making it a highly effective way for attackers to distribute malware and compromise systems.


  • 40. 

    Which architectural layer of mobile device environments simplifies the process of interacting with web services and other applications such as email, the internet, and SMS?

    • A.

      Client application

    • B.

      Communication API

    • C.

      GUI API

    • D.

      Phone API

    Correct Answer
    B. Communication API
    Explanation
    The communication API is the architectural layer of mobile device environments that simplifies the process of interacting with web services and other applications such as email, the internet, and SMS. This API provides a set of functions and protocols that allow the mobile device to establish and manage communication with external services and applications. It handles tasks such as sending and receiving data, managing network connections, and handling communication protocols. By providing a standardized interface for communication, the communication API makes it easier for developers to integrate their applications with various services and enables seamless communication between the mobile device and external systems.


  • 41. 

    Which architectural layer of mobile device environments provides telephony services related to the mobile carrier operator such as making calls, receiving calls, and SMS?

    • A.

      Communication API

    • B.

      GUI API

    • C.

      Phone API

    • D.

      Client application

    Correct Answer
    C. Phone API
    Explanation
    The phone API is the correct answer because it provides telephony services related to the mobile carrier operator. This includes making calls, receiving calls, and SMS functionality. The phone API allows developers to access and utilize these telephony services in their mobile applications.


  • 42. 

    Which architectural layer of mobile device environments contains items that are responsible for mobile operations such as a display device, a keypad, RAM, flash, an embedded processor, and a media processor?

    • A.

      Hardware

    • B.

      Communication API

    • C.

      Client application

    • D.

      Operating system

    Correct Answer
    A. Hardware
    Explanation
    The correct answer is hardware. The hardware layer of mobile device environments includes physical components such as the display device, keypad, RAM, flash, embedded processor, and media processor. These items are responsible for the mobile device's operations and functionality.


  • 43. 

    What operating system was Android based on?

    • A.

      Windows

    • B.

      Linux

    • C.

      iOS

    • D.

      Mac

    Correct Answer
    B. Linux
    Explanation
    Android is an operating system that was based on Linux. Linux is an open-source operating system that provides a stable and secure foundation for Android. The use of Linux allows Android to benefit from its robustness, scalability, and flexibility. Additionally, being based on Linux enables Android to leverage the vast array of software and development tools available in the Linux ecosystem. This has contributed to the widespread adoption and success of Android as a mobile operating system.


  • 44. 

    What must an investigator do in order to offer a good report to a court of law and ease the prosecution?

    • A.

      Authorize the evidence

    • B.

      Prosecute the evidence

    • C.

      Obfuscate the evidence

    • D.

      Preserve the evidence

    Correct Answer
    D. Preserve the evidence
    Explanation
    In order to offer a good report to a court of law and ease the prosecution, an investigator must preserve the evidence. Preserving the evidence ensures that it remains intact and uncontaminated, allowing for a thorough examination and analysis. By preserving the evidence, the investigator can present accurate and reliable information to the court, which can strengthen the case and support the prosecution's arguments.


  • 45. 

    Which of the following is NOT a digital data storage type?

    • A.

      Magnetic storage devices

    • B.

      Quantum storage devices

    • C.

      Flash memory devices

    • D.

      Optical storage devices

    Correct Answer
    B. Quantum storage devices
    Explanation
    Quantum storage devices are not a digital data storage type because they do not store data in a digital format. Unlike magnetic storage devices, flash memory devices, and optical storage devices, which store data in binary code (0s and 1s), quantum storage devices use the principles of quantum mechanics to store and retrieve data in a quantum state. This makes them fundamentally different from traditional digital storage types.


  • 46. 

    Which of the following best describes flash memory?

    • A.

      Flash memory is expensive and less efficient compared to other storage devices.

    • B.

      Flash memory is a non-volatile, electronically erasable and reprogrammable storage medium.

    • C.

      Flash memory is used in all SCSI hard drives.

    • D.

      Flash memory is a volatile, electronically erasable and reprogrammable storage medium.

    Correct Answer
    B. Flash memory is a non-volatile, electronically erasable and reprogrammable storage medium.
    Explanation
    Flash memory is a non-volatile, electronically erasable and reprogrammable storage medium. This means that it can retain data even when power is turned off, it can be erased and rewritten electronically, and it can be reprogrammed multiple times. Unlike other storage devices, flash memory is not only efficient but also relatively affordable. It is commonly used in various electronic devices such as USB drives, solid-state drives, and memory cards.


  • 47. 

    Where are deleted items stored on Windows Vista and later versions of Windows?

    • A.

      Drive:\Recycle.Bin$

    • B.

      Drive:\$Recycle.Bin

    • C.

      Drive:\RECYCLED

    • D.

      Drive:\RECYCLER

    Correct Answer
    B. Drive:\$Recycle.Bin
    Explanation
    Deleted items on Windows Vista and later versions of Windows are stored in the "$Recycle.Bin" folder located in the root directory of the respective drive.


  • 48. 

    What is NOT a command used to determine logged-on users?

    • A.

      LoggedSessions

    • B.

      Net sessions

    • C.

      PsLoggedOn

    • D.

      LogonSessions

    Correct Answer
    A. LoggedSessions
    Explanation
    The command "LoggedSessions" is not a valid command used to determine logged-on users. The other options, "net sessions," "PsLoggedOn," and "LogonSessions," are commonly used commands to determine logged-on users.


  • 49. 

    What is NOT one of the three tiers a log management infrastructure typically comprises?

    • A.

      Log generation

    • B.

      Log analysis and storage

    • C.

      Log monitoring

    • D.

      Log rotation

    Correct Answer
    D. Log rotation
    Explanation
    Log rotation is not one of the three tiers in a typical log management infrastructure. Log rotation refers to the process of managing log files by compressing, archiving, or deleting them based on certain criteria such as size or time. While log generation, log analysis and storage, and log monitoring are essential components of a log management infrastructure, log rotation is a separate task that ensures the efficient management of log files but does not belong to the core tiers.


  • 50. 

    Which is a threat to web applications?

    • A.

      Error handling

    • B.

      Validated input

    • C.

      Secure storage

    • D.

      Cookie poisoning

    Correct Answer
    D. Cookie poisoning
    Explanation
    Cookie poisoning refers to a type of attack where an attacker manipulates the data stored in a user's web browser cookies. By modifying the content of the cookies, the attacker can gain unauthorized access to sensitive information or impersonate the user. This poses a significant threat to web applications as it can lead to unauthorized access, session hijacking, or other malicious activities. Therefore, cookie poisoning is a potential threat that web applications need to safeguard against.


Quiz Review Timeline

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version: Mar 20, 2023, Quiz Edited by ProProfs Editorial Team
  • Apr 18, 2019, Quiz Created by Dale