The National Polytechnic Institute CHFI Practice Test assesses knowledge in cybercrime forensic investigation. It covers tasks in investigation phases, tools like Wireshark, Linux commands for data copying, and Android graphics libraries. Ideal for enhancing forensic investigation skills relevant to cybersecurity professionals.
Buffer Overflow
Sniffer Attack
Man-in-the-Middle Attack
DDoS
Purpose of the report
Author of the report
Incident summary
Speculation or opinion as to the cause of the incident
Cylinder
Head
Spindle
NAND-based flash memory
RegScanner
ThumbsDisplay
Wireshark
Security Task Manager
Expert advisor
Crime scene spectator
Ex-criminal
Government officer
Trail obfuscation
Data Hiding
Steganography
Artifact Wiping
Port 123
Port 110
Port 115
Port 109
Enabling shared folders
Installing malware analysis tools
Using network simulation tools
Isolating the host device
LanWhoIs
Deep Log Analyzer
Towelroot
XRY LOGICAL
D0 CF 11 E0
FF D8 FF
25 50 44 46
50 4B 03 04
Run the anti-spyware tool on the system
Restart Windows
Kill the running processes in Windows task manager
Run the antivirus tool on the system
Perform data acquisition without disturbing the state of the systems
Open the systems, remove the hard disk and secure it
Switch off the systems and carry them to the laboratory
Record the system state by taking photographs of the physical system and the display
Pre-investigation Phase
Investigation Phase
Reporting Phase
Post-investigation Phase
Encryption
Steganalysis
Cryptanalysis
Decryption
GIF
JPEG
PNG
BMP
Cookies
Open files
Web Browser Cache
Temporary Files
Deleted space
Slack space
Sector space
Cluster space
XSS attack
Spam
SQL injection
Phishing
Directory Table
Rainbow Table
Partition Table
Master File Table (MFT)
Acunetix
Kismet
Snort
Nikto
It is the process of restarting a computer that is already in sleep mode
It is the process of starting a computer from a powered-down or off state
It is the process of restarting a computer that is already turned on through the operating system
It is the process of shutting down a computer from a powered-on or on state
RemPass
CmosPwd
TCPDump
WinDump
OpenGL/ES and SGL
WebKit
Surface Manager
Media framework
Malware Analysis
Real-Time Analysis
Postmortem Analysis
Packet Analysis
RunMRU key
MountedDevices key
TypedURLs key
UserAssist Key
They tampered with the evidence by using it
They called in the FBI without correlating with the fingerprint data
They examined the actual evidence on an unrelated system
They attempted to implicate personnel without proof
Engage in damage control
Qualify you as an expert witness
Read your curriculum vitae to the jury
Prove that the tools you used to conduct your examination are perfect
Redsn0w
One Click Root
Kingo Android ROOT
Towelroot
Bit-stream copy
Robust copy
Full backup copy
Incremental backup copy
Phishing
Email Spamming
Email Spoofing
Mail Bombing
expr
diff
lprm
dd and dcfldd
MS-office Word Document
Portable Document Format
MS-office Word PowerPoint
MS-office Word OneNote
Execute malicious code in the system
Propagate malware to other connected devices
Avoid detection by security mechanisms
Avoid encryption while passing through a VPN
Seek the help of co-workers who are eye-witnesses
Approach the websites for evidence
Image the disk and try to recover deleted files
Check the Windows registry for connection data (You may or may not recover)
Email spamming
Phishing
Mail bombing
Email spoofing
Cain & Abel
Colasoft’s Capsa
Xplico
Recuva
TCPView
Process Monitor
Tokenmon
PSLoggedon
WIN-ABCDE12345F.pid
WIN-ABCDE12345F.log
WIN-ABCDE12345F-bin.n
WIN-ABCDE12345F.err
Cold boot
Hot Boot
Warm boot
Ice boot
*IMEI#
#*06*#
#06#*
*#06#
Citizen Informant Search Warrant
Electronic Storage Device Search Warrant
IT Bench Search Warrant
Service Provider Search Warrant
Unvalidated input
Directory traversal
Security misconfiguration
Parameter/form tampering
Data Extraction
Data Deduplication
Bit Stream Imaging
Backup
Towelroot
Deep Log Analyzer
SmartWhois
XRY LOGICAL
Passwords used across the system
Previously typed commands
Events history
History of the browser
Document the actions and changes that you observe in the monitor, computer, printer, or in other peripherals
Verify if the monitor is on, off, or in sleep mode
Remove the plug from the power router or modem
Turn on the computer and extract Windows event viewer log files
Synclog.log
Sync.log
Sync.log
Sync_log.log
Creating an investigation team
Building forensics workstation
Gathering information about the incident
Gathering evidence data
Quiz Review Timeline (Updated): Mar 15, 2023