Conducting A Forensic Investigation

10 Questions | Total Attempts: 181


Questions and Answers
  • 1. What term describes the risk that exists after an organization has performed all planned countermeasures and controls?
    • A. Total risk
    • B. Business risk
    • C. Transparent risk
    • D. Residual risk

  • 2. Violet deploys an intrusion prevention system (IPS) on her network as a security control. What type of control has Violet deployed?
    • A. Detective
    • B. Preventive
    • C. Corrective
    • D. Deterrent

  • 3. Brian needs to design a control that prevents piggybacking, only allowing one person to enter a facility at a time. What type of control would best meet this need?
    • A. Video surveillance
    • B. Motion detectors
    • C. Mantraps
    • D. Biometrics

  • 4. What term describes the longest period of time that a business can survive without a particular critical system?
    • A. Maximum tolerable downtime (MTD)
    • B. Recovery time objective (RTO)
    • C. Recovery point objective (RPO)
    • D. Emergency operations center (EOC)

  • 5. Which control is NOT an example of a fault tolerance technique designed to avoid interruptions that would cause downtime?
    • A. Clustering
    • B. Warm site
    • C. Load balancing
    • D. Redundant array of inexpensive disks (RAID)

  • 6. Nancy performs a full backup of her server every Sunday at 1 A.M. and differential backups on Mondays through Fridays at 1 A.M. Her server fails at 9 A.M. Wednesday. How many backups does Nancy need to restore?
    • A. 1
    • B. 2
    • C. 3
    • D. 4

  • 7. Which data source comes first in the order of volatility when conducting a forensic investigation?
    • A. Logs
    • B. Data files on disk
    • C. Swap and paging files
    • D. RAM

  • 8. Which recovery site option provides readiness in minutes to hours?
    • A. Warm site
    • B. Cold site
    • C. Multiple sites
    • D. Hot site

  • 9. A(n) _________ is an event that prevents a critical business function (CBF) from operating for a period greater than the maximum tolerable downtime.
    • A. Incident
    • B. Event
    • C. Disaster
    • D. Emergency

  • 10. Forensics and incident response are examples of __________ controls.
    • A. Preventive
    • B. Detective
    • C. Corrective
    • D. Deterrent
