Which command line tool is used to determine active network...
Which network attack is described by the following statement?
...
Report writing is a crucial stage in the outcome of an investigation....
Which of the following is a part of a Solid-State Drive (SSD)?
An expert witness is a ____________ who is normally appointed by a...
Which of the following tool captures and allows you to interactively...
Which of the following techniques delete the files permanently?
Sheila is a forensics trainee and is searching for hidden image files...
Smith, a network administrator with a large MNC, was the first to...
To which phase of the Computer Forensic Investigation Process does the...
Which of the following techniques can be used to beat steganography?
When a file or folder is deleted, the complete path, including the...
Adam, a forensic analyst, is preparing VMs for analyzing malware....
POP3 (Post Office Protocol 3) is a standard protocol for receiving an...
Which of the following tools will help the investigator to analyze web...
Which of the following is a precomputed table containing word lists...
Which of the following is a command line packet sniffer that runs on...
Which of the following acts as a network intrusion detection system as...
What is a cold boot (hard boot)?
If the partition size is 4 GB, each cluster will be 32 K. Even if a...
Which of the following are small pieces of data sent from a website...
Which of the following attack uses HTML tags like:
Stephen is checking an image using Compare Files by The Wizard, and he...
What must an attorney do first before you are called to testify as an...
An executive had leaked the company trade secrets through an external...
Smith, an employee of a reputed forensic investigation firm, has been...
A state department site was recently attacked, and all the servers had...
Which of the following is an iOS Jailbreaking tool?
Which of the following Android libraries are used to render 2D (SGL)...
You are working as an independent computer forensics investigator and...
Lynne receives the following email:
...
What is the purpose of using an obfuscator in malware?
Which of the following built-in Linux commands can be used by forensic...
Which of the following files DOES NOT use Object Linking and Embedding...
A suspect is accused of violating the acceptable use of computing...
Shane, a forensic specialist, is investigating an ongoing attack on a...
The process of restarting a computer that is already turned on through...
A forensic examiner is examining a Windows system seized from a...
Which of the following network attacks refers to sending huge volumes...
Which of the following Windows-based tools displays who is logged onto...
Which of the following tool is used to locate IP addresses?
Which of the following attacks allows an attacker to access restricted...
Which of the following techniques creates a replica of an evidence...
Richard is extracting volatile data from a system and uses the...
Which of the following files gives information about the client sync...
Ron, a computer forensics expert, is investigating a case involving...
Which of the following statements is INCORRECT when preserving digital...
Which of the following is NOT a part of the pre-investigation phase?
Which among the following search warrants allows the first responder...
Event correlation is a procedure that is assigned with a new meaning...
Which of the following is NOT considered physical evidence?
A small law firm located in the Midwest has possibly been breached by...
Netstat is a tool for collecting information regarding network...
Which of the following email headers specifies an address for...
Jacob is a computer forensics investigator with over 10 years of...
Madison is on trial for allegedly breaking into her university's...
Amber, a black hat hacker, has embedded malware into a small enticing...
What does the 63.78.199.4(161) denote in a Cisco router log?
...
Data is striped at a byte level across multiple drives, and parity...
First responder is a person who arrives first at the crime scene and...
Billy, a computer forensics expert, has recovered a large number of...
Smith, as a part of his forensic investigation assignment, seized a...
Which password cracking technique uses every possible combination of...
What does the part of the log, "%SEC-6-IPACCESSLOGP", extracted from a...
Sectors are pie-shaped regions on a hard disk that store data. Which...
You have been asked to investigate the possibility of computer fraud...
NTFS has reduced slack space compared to FAT, thus having lesser...
Sniffers that place NICs in promiscuous mode work at what layer of the...
Data compression involves encoding the data to take up less storage...
Which of the following is a list of recently used programs or opened...
Charles has accidentally deleted an important file while working on...
Which of the following is NOT an anti-forensics technique?
Raw data acquisition format creates _________ of a data set or suspect...
Which US law does the interstate or international transportation and...
Who is responsible for the following tasks?
...
Which of the following tool enables a user to reset his/her lost admin...
What is the default IIS log location?
Depending upon the jurisdictional areas, different laws apply to...
Where does the Windows 10 system store the metadata of the deleted...
Rusty, a computer forensics apprentice, uses the command "nbtstat -c"...
Which of the following reports are delivered under oath to a board of...
Graphics Interchange Format (GIF) is a ____ RGB bitmap image format...
The Apache server saves diagnostic information and error messages that...
Which of the following examinations refers to the process of providing...
Which among the following search warrants allows the first responder...
Microsoft Security IDs are available in Windows Registry Editor. The...
Jason discovered a file named "$RIYG6VR.doc" in the...
Adam, a forensic investigator, is investigating an attack on Microsoft...
As part of extracting the system data, Jenifer has used the netstat...
Identify the file system that uses a $BitMap file to keep track of all...
Ivanovich, a forensic investigator, is trying to extract the...
Tasklist command displays a list of applications and services with...
Which code does the FAT file system use to mark the file as deleted?
Bob has encountered a system crash and has lost vital data stored on...
What does 254 represent in ICCID 89254021520014515744?
CAN-SPAM act requires that you:
Bob works as an Information Security Analyst for a big finance...
Which of the following files stores information about the local...
Files stored in the physical location of the Recycle-Bin are renamed...
During forensic investigations, investigators tend to collect the...
Which of the following Event Correlation Approach checks and compares...
A computer used in an alleged software piracy ring has been taken to a...
Which among the following is an act passed by the U.S. Congress in...
What value of the "Boot Record Signature" is used to...
The investigator wants to examine changes made to the system's...
When marking evidence that has been collected with the...
Which MySQL log file contains information on server start and stop?
Which of the following tasks DOES NOT come under the investigation...
Which rule requires an original recording to be provided to prove the...
Buffer overflow vulnerabilities, of web applications, occurs when the...
Hard disk data addressing is a method of allotting addresses to each...
Which of the following Event Correlation Approaches is an advanced...
Which of the following Registry components include offsets to other...
Which of the following ISO standard defines file systems and protocols...
Gary is checking for the devices connected to USB ports of a suspect...
An International Mobile Equipment Identifier (IMEI) is a 15-digit...
Which of the following is a database in which information about every...
Which of the following tool can the investigator use to analyze the...
What is the size value of a nibble?
Select the tool appropriate for finding the dynamically linked lists...
Which password cracking technique uses details such as length of a...
Which of the following standards represents a legal precedent...
Which among the following U.S. laws requires financial institutions...
Which of the following standard represents a legal precedent set in...
Which of the following is a record of the: characteristics of a file...
Smith, a forensic examiner, was analyzing a hard disk image to find...
Gary, a computer technician, is facing allegations of abusing children...
Which among the following files provide email header information in...
Wireless access control attacks aim to penetrate a network by evading...
Which of the following files stores information about a local Google...
Company ABC has employed a firewall, IDS, Antivirus, Domain...
Which of the following tools enables data acquisition and duplication?
Which of the following examinations refers to the process of the...
In Windows Security Event Log, what does an event id of 530 imply?
BMP (Bitmap) is a standard file format for computers running the...
Which of the following files contains the traces of the applications...
Which of the following stages in a Linux boot process involves the...
Which of the following commands shows you the names of all open shared...
How will you categorize a cybercrime that took place within a CSP's...
Which tool does the investigator use to extract artifacts left by...
Randy has extracted data from an old version of a Windows-based system...
Which of the following commands shows you all of the network services...
Which of the following registry hives contains the configuration...
Linux operating system has two types of typical bootloaders namely...
Jacky encrypts her documents using a password. It is known that she...
The pagefile.sys is a virtual memory file used to expand the physical...
You have been given the task to investigate web attacks on a...
Korey, a data mining specialist in the knowledge processing firm...
In Steganalysis, which of the following describes a "Known-stego"...
Shane has started the static analysis of some malware and is using the...