Windows Networking & Computer Fundamentals Exercises Solutions Quiz

247 Questions | By Hantran.ptc4 | Updated: Mar 23, 2023 | Attempts: 494

Questions

Settings

Feedback

During the Quiz End of Quiz

Play as

Quiz Flashcard

Create your own Quiz

Windows Networking & Computer Fundamentals Exercises Solutions Quiz - Quiz

Attempt this 'Windows Networking & Computer Fundamentals Exercises Solutions' quiz and evaluate yourself whether you're a true computer genius or not. This quiz covers almost every topic related to computers, including windows, the internet, networking, system drives, cyber security, and many more. If you consider yourself a true computer engineer or an expert when it comes to computers, you should really play the quiz and assess yourself. The test becomes tougher after every question. So, go ahead and try to score at least 75 percent! Good luck!

Questions and Answers

1.

What does the acronym POST mean as it relates to a PC?
- A.
  
  Primary Operations Short Test
- B.
  
  PowerOn Self Test
- C.
  
  Pre Operational Situation Test
- D.
  
  Primary Operating System Test
2.

If you see the files ZerO.tar.gz and copy.tar.gz on a Linux system while doing an investigation, what can you conclude?
- A.
  
  The system files have been copied by a remote attacker
- B.
  
  The system administrator has created an incremental backup
- C.
  
  The system has been compromised using a tOrnrootkit
- D.
  
  Nothing in particular as these can be operational files
3.

Adam, a forensic investigator, is investigating an attack on Microsoft Exchange Server of a large organization. As the first step of the investigation, he examined the PRIV.EDB file and found the source from where the mail originated and the name of the file that disappeared upon execution. Now, he wants to examine the MIME stream content. Which of the following files is he going to examine?
- A.
  
  PRIV.STM
- B.
  
  Gwcheck.db
- C.
  
  PRIV.EDB
- D.
  
  PUB.EDB
4.

Which of the following files gives information about the client sync sessions in Google Drive on Windows?
- A.
  
  Sync_log.log
- B.
  
  Sync_log.log
- C.
  
  Sync.log
- D.
  
  Sync.log
5.

How many possible sequence number combinations are there in TCP/IP protocol?
- A.
  
  1 billion
- B.
  
  320 billion
- C.
  
  4 billion
- D.
  
  32 million
6.

Which of the following technique creates a replica of an evidence media?
- A.
  
  Data Extraction
- B.
  
  Backup
- C.
  
  Bit Stream Imaging
- D.
  
  Data Deduplication
7.

To make sure the evidence you recover and analyze with computer forensics software can be admitted in court, you must test and validate the software. What group is actively providing tools and creating procedures for testing and validating computer forensics software?
- A.
  
  Computer Forensics Tools and Validation Committee (CFTVC)
- B.
  
  Association of Computer Forensics Software Manufactures (ACFSM)
- C.
  
  National Institute of Standards and Technology (NIST)
- D.
  
  Society for Valid Forensics Tools and Testing (SVFTT)
8.

Which of the following commands shows you the names of all open shared files on a server and the number of file locks on each file?
- A.
  
  Net config
- B.
  
  Net file
- C.
  
  Net share
- D.
  
  Net sessions
9.

You have been called in to help with an investigation of an alleged network intrusion. After questioning the members of the company IT department, you search through the server log files to find any trace of the intrusion. After that you decide to telnet into one of the company routers to see if there is any evidence to be found. While connected to the router, you see some unusual activity and believe that the attackers are currently connected to that router. You start up an ethereal session to begin capturing traffic on the router that could be used in the investigation. At what layer of the OSI model are you monitoring while watching traffic to and from the router?
- A.
  
  Network
- B.
  
  Transport
- C.
  
  Data Link
- D.
  
  Session
10.

Which of the following tools is not a data acquisition hardware tool?
- A.
  
  UltraKit
- B.
  
  Atola Insight Forensic
- C.
  
  F-Response Imager
- D.
  
  Triage-Responder
11.

You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses. You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same. What type of virus is this that you are testing?
- A.
  
  Polymorphic
- B.
  
  Metamorphic
- C.
  
  Oligomorhic
- D.
  
  Transmorphic
12.

Harold is a security analyst who has just run the rdisk /s command to grab the backup SAM files on a computer. Where should Harold navigate on the computer to find the file?
- A.
  
  %systemroot%\system32\LSA
- B.
  
  %systemroot%\system32\drivers\etc
- C.
  
  %systemroot%\repair
- D.
  
  %systemroot%\LSA
13.

This ISO standard defines file systems and protocols for exchanging data between optical disks. What is it?
- A.
  
  ISO 9660
- B.
  
  ISO/IEC 13940
- C.
  
  ISO 9060
- D.
  
  IEC 3490
14.

The MD5 program is used to:
- A.
  
  Wipe magnetic media before recycling it
- B.
  
  Make directories on an evidence disk
- C.
  
  View graphics files on an evidence drive
- D.
  
  Verify that a disk is not altered when you examine it
15.

If an attacker's computer sends an IPID of 31400 to a zombie computer on an open port in IDLE scanning, what will be the response?
- A.
  
  The zombie will not send a response
- B.
  
  31402
- C.
  
  31399
- D.
  
  31401
16.

Which of the following should a computer forensics lab used for investigations have?
- A.
  
  Isolation
- B.
  
  Restricted access
- C.
  
  Open access
- D.
  
  An entry log
17.

Sectors are pie-shaped regions on a hard disk that store data. Which of the following parts of a hard disk do not contribute in determining the addresses of data?
- A.
  
  Sectors
- B.
  
  Interface
- C.
  
  Cylinder
- D.
  
  Heads
18.

The given image displays information about date and time of installation of the OS along with service packs, patches, and sub-directories. What command or tool did the investigator use to view this output? SI Administrator Command Prompt - □ X 03/10/2016 03:30 AH <DIR> migration 03/10/2016 03:32 AH 352,136 FNTCACHE.DAT 03/25/2016 08:09 PH 140,098 perfc009.dat 03/25/2016 08:09 PH 746,532 perfh009.dat 03/25/2016 08:09 PH 883,572 PerfStringBackup. Illi 04/06/2016 04:54 PH <DIR> Driverstore 04/13/2016 11:27 AH <DIR> catroot2 04/13/2016 12:33 PH 135,176,864 HRT.exe 04/13/2016 12:33 PH <DIR> HRT 04/14/2016 09:36 AH <DIR> config 04/14/2016 03:06 PH <OIR> drivers 04/14/2016 04:02 PH <OIR> 04/14/2016 04:02 PH <DIR> 04/14/2016 04:02 PH 324 pid.dump 04/14/2016 05:51 PH <OIR> sru 3866 File(s) 1,727,891,022 bytes ■ 116 Dir(s) 63,601,328,128 bytes free ■ C:\WINOOWS\system32>_ ____________ ___________________
- A.
  
  Dir/o:d
- B.
  
  Dir /o:s
- C.
  
  Dir/o:e
- D.
  
  Dir/o:n
19.

Andie, a network administrator, suspects unusual network services running on a windows system. Which of the following commands should he use to verify unusual network services started on a Windows system?
- A.
  
  Net serv
- B.
  
  Netmgr
- C.
  
  Lusrmgr
- D.
  
  Net start
20.

Why should you note all cable connections for a computer you want to seize as evidence?
- A.
  
  To know what outside connections existed
- B.
  
  In case other devices were connected
- C.
  
  To know what peripheral devices exist
- D.
  
  To know what hardware existed
21.

What stage of the incident handling process involves reporting events?
- A.
  
  Containment
- B.
  
  Follow-up
- C.
  
  Identification
- D.
  
  Recovery
22.

Which of the following is a MAC-based File Recovery Tool?
- A.
  
  VirtualLab
- B.
  
  GetDataBack
- C.
  
  Cisdem DataRecovery 3
- D.
  
  Smart Undeleter
23.

What does the superblock in Linux define?
- A.
  
  Filesynames
- B.
  
  Diskgeometr
- C.
  
  Location of the firstinode
- D.
  
  Available space
24.

With the standard Linux second extended file system (Ext2fs), a file is deleted when the inode internal link count reaches .
- A.
  
  0
- B.
  
  10
- C.
  
  100
- D.
  
  1
25.

Chong-lee, a forensics executive, suspects that a malware is continuously making copies of files and folders on a victim system to consume the available disk space. What type of test would confirm his claim?
- A.
  
  File fingerprinting
- B.
  
  Identifying file obfuscation
- C.
  
  Static analysis
- D.
  
  Dynamic analysis