Cyber Security | Unit 5- Cyber Forensics | Multiple Choice Questions With Answer

1. Computer forensics is also known as?


A. digital forensic science

B. computer crime

C. computer forensic science

D. computer forensics investigations

Ans : C

Explanation: Computer forensics is also known as computer forensic science.



2. Which method uses stochastic properties of the computer system to investigate activities lacking digital artifacts?


A. Steganography

B. Stochastic forensics

C. Both A and B

D. None of the above

Ans : B

Explanation: Stochastic forensics is a method which uses stochastic properties of the computer system to investigate activities lacking digital artifacts. Its chief use is to investigate data theft.



3. Can computer forensics also be used in civil proceedings?


A. Yes

B. No

C. Can be yes or no

D. Can not say

Ans : A

Explanation: Yes, computer forensics may also be used in civil proceedings.



4. Which of the following techniques are used during computer forensics investigations?


A. Cross-drive analysis

B. Live analysis

C. Deleted files

D. All of the above

Ans : D

Explanation: All of the above are techniques used during computer forensics investigations.




 

5. CCFP stands for?


A. Cyber Certified Forensics Professional

B. Certified Cyber Forensics Professional

C. Certified Cyber Forensics Program

D. Certified Cyber Forensics Product

Ans : B

Explanation: CCFP : Certified Cyber Forensics Professional



6. How many C's are there in computer forensics?


A. 1

B. 2

C. 3

D. 4

Ans : C

Explanation: There are three C's in computer forensics: confidence, credibility, cost.



7. You are supposed to maintain three types of records. Which answer is not a record?


A. Chain of custody

B. Documentation of the crime scene

C. Searching the crime scene

D. Document your actions

Ans : C

Explanation: You are supposed to maintain three types of records. Searching the crime scene is not a record.



8. The physical forensics discipline includes which of the following?


A. Bloodstain

B. Eating

C. Searching

D. Watching

Ans : A

Explanation: The physical forensics discipline includes bloodstain.



9. Volatile data resides in?


A. registries

B. cache

C. RAM

D. All of the above

Ans : D

Explanation: Volatile data resides in registries, cache, and random access memory (RAM). The investigation of this volatile data is called live forensics.



10. A common technique used in computer forensics is the recovery of deleted files.


A. TRUE

B. FALSE

C. Can be true or false

D. Can not say

Ans : A

Explanation: True, a common technique used in computer forensics is the recovery of deleted files.




11. If a DNS server accepts and uses the wrong details from a host that has no authority to give that information, then this technique is called …?

a) DNS hijacking

b) DNS lookup

c) DNS spoofing

d) All of the above

e) a and b

f) None of the above

Ans : c


12. The block cipher used by PGP to encrypt data is…

a) international data encryption algorithm

b) internet data encryption algorithm

c) private data encryption algorithm

d) All of the above

Ans : a


13. Pretty Good Privacy (PGP) is used in…

a) browser security

b) email security

c) FTP security

d) none of the mentioned

Ans : b


14. The Extensible Authentication Protocol is an authentication framework used in…

a) wired local area network

b) wireless networks

c) wired personal area network

d) all of the above

Ans : b


15. What is used to carry traffic of one protocol over a network that does not support that protocol directly…

a) Tunnelling

b) Trafficking

c) Transferring 

d) Switching

Ans : a


16. In which mode is the authentication header inserted immediately after the IP header…

a) Tunnel

b) Transport

c) Authentication

d) Both A and B

Ans : a


17. Which of the following is an extension of an enterprise private intranet across a public network that creates a secure private connection…

a) VNP

b) VSPN

c) VSN

d) VPN

Ans : d


18. What term is considered as a basis for most robust authentication schemes…

a) Registration

b) Identification

c) Encryption

d) Refine information

Ans : c



19. A method that uses two independent pieces/processes of information to identify a user is known as…

a) Authentication through encryption

b) Password-method authentication

c) Two-method authentication

d) Two-factor authentication

Ans : d



20. Where is security enforcement needed first…

a) Scripting

b) Application

c) Assigning Roles

d) Administration

Ans : b


21. Which database allows a system administrator to associate a function with a relation…

a) Virtual database

b) Private database

c) Custom database

d) Virtual Private Database (VPD)

Ans : d


22. Applications that create queries dynamically can be considered a risk source of…

a) Active attacks

b) Passive attacks

c) Forgery

d) Injection

Ans : d


23. ____________ is known as the father of computer forensics.

A. G. Palmar

B. J. Korn

C. Michael Anderson

D. S. Ciardhuain

Ans: C


24. ___________ is a well-established science where various contributions have been made.

A. Forensic

B. Crime

C. Cyber Crime

D. Evidence

Ans: A


25. Who proposed End to End Digital Investigation Process (EEDIP)?

A. G. Palmar

B. Stephenson

C. Michael Anderson

D. S. Ciardhuain

Ans: B


26. Which model of investigation was proposed by Carrier and Safford?

A. Extended Model of Cybercrime Investigation (EMCI)

B. Integrated Digital Investigation Process (IDIP)

C. Road Map for Digital Forensic Research (RMDFR)

D. Abstract Digital Forensic Model (ADFM)

Ans: B


27. Which of the following is not a property of computer evidence?

A. Authentic and Accurate.

B. Complete and Convincing.

C. Duplicated and Preserved.

D. Conform and Human Readable.

Ans: D


28. _______ can make or break an investigation.

A. Crime

B. Security

C. Digital Forensic

D. Evidence

Ans: D


29. __________ is software that blocks unauthorized users from connecting to your computer.

A. Firewall

B. Quick launch

C. OneLogin

D. Centrify

Ans: A


30. Which of the following are general ethical norms for an investigator?

A. To contribute to society and human beings.

B. To avoid harm to others.

C. To be honest and trustworthy.

D. All of the above

E. None of the above

Ans: D


31. Which of the following are unethical norms for an investigator?

A. Uphold any relevant evidence.

B. Declare any confidential matters or knowledge.

C. Distort or falsify education, training, credentials.

D. All of the above

E. None of the above

Ans: D


32. Which of the following is not a general ethical norm for an investigator?

A. To contribute to society and human beings.

B. Uphold any relevant Evidence.

C. To be honest and trustworthy.

D. To honor confidentiality.

Ans: B


33. Which of the following is not an unethical norm for digital forensics investigation?

A. Uphold any relevant evidence.

B. Declare any confidential matters or knowledge.

C. Distort or falsify education, training, credentials.

D. To respect the privacy of others.

Ans: D


34. What is the process of creating a duplicate of digital media for the purpose of examining it called?

A. Acquisition.

B. Steganography.

C. Live analysis

D. Hashing.

Ans: A


35. Which term refers to modifying a computer in a way which was not originally intended to view information?

A. Metadata

B. Live analysis

C. Hacking

D. Bit Copy

Ans: C


36. The ability to recover and read deleted or damaged files from a criminal’s computer is an example of a law enforcement specialty called?

A. Robotics

B. Simulation

C. Computer Forensics

D. Animation

Ans: C


37. What are the important parts of the mobile device which are used in digital forensics?

A. SIM

B. RAM

C. ROM

D. EMMC chip

Ans: D


38. Using what can data hiding in encrypted images be carried out in digital forensics?

A. Acquisition.

B. Steganography.

C. Live analysis

D. Hashing.

Ans: B


39. Which of these is not a computer crime?

A. e-mail harassment

B. Falsification of data.

C. Sabotage.

D. Identification of data

Ans: D


40. Which file is used to store the user-entered password?

A. .exe

B. .txt

C. .iso

D. .sam

Ans: D


41. __________ is the process of recording as much data as possible to create reports and analysis on user input.

A. Data mining

B. Data carving

C. Metadata

D. Data Spoofing.

Ans: A


42. ________ searches through raw data on a hard drive without using a file system.

A. Data mining

B. Data carving

C. Metadata

D. Data Spoofing.

Ans: B


43. What is the first step to handle retrieving data from an encrypted hard drive?

A. Formatting disk

B. Storing data

C. Finding configuration files.

D. Deleting Files

Ans: C


44. Digital Forensics entails _____.

A. Accessing the system's directories viewing mode and navigating through the various system files and folders

B. Undeleting and recovering lost files

C. Identifying and solving computer crimes

D. The identification, preservation, recovery, restoration, and presentation of digital evidence from systems and devices

Ans: D


45. Which of the following is FALSE?

A. The digital forensic investigator must maintain absolute objectivity

B. It is the investigator’s job to determine someone’s guilt or innocence.

C. It is the investigator’s responsibility to accurately report the relevant facts of a case.

D. The investigator must maintain strict confidentiality, discussing the results of an investigation on only a “need to know”

Ans: B


46. What is the most significant legal issue in computer forensics?

A. Preserving Evidence

B. Seizing Evidence

C. Admissibility of Evidence

D. Discovery of Evidence

Ans: C


47. _______ phase includes putting the pieces of a digital puzzle together and developing investigative hypotheses

A. Preservation phase

B. Survey phase

C. Documentation phase

D. Reconstruction phase

E. Presentation phase

Ans: D


48. In _______ phase, the investigator transfers the relevant data from a venue out of physical or administrative control of the investigator to a controlled location

A. Preservation phase

B. Survey phase

C. Documentation phase

D. Reconstruction phase

E. Presentation phase

Ans: B


49. In _______ phase, the investigator transfers the relevant data from a venue out of physical or administrative control of the investigator to a controlled location

A. Preservation phase

B. Survey phase

C. Documentation phase

D. Reconstruction phase

E. Presentation phase

Ans: B


50. Computer forensics does not involve _____ activity.

A. Preservation of computer data.

B. Extraction of computer data.

C. Manipulation of computer data.

D. Interpretation of computer data.

Ans: C


51. A set of instructions compiled into a program that performs a particular task is known as:

A. Hardware

B. CPU

C. Motherboard

D. Software

Ans: D


52. Which of the following is not a rule of digital forensics?

A. An examination should be performed on the original data

B. A copy is made onto forensically sterile media. New media should always be used if available.

C. The copy of the evidence must be an exact, bit-by-bit copy

D. The examination must be conducted in such a way as to prevent any modification of the evidence.

Ans: A


53. To collect and analyze the digital evidence that was obtained from the physical investigation phase is the goal of which phase?

A. Physical crime investigation

B. Digital crime investigation.

C. Review phase.

D. Deployment phase.

Ans: B


54. To provide a mechanism for an incident to be detected and confirmed is the purpose of which phase?

A. Physical crime investigation

B. Digital crime investigation.

C. Review phase.

D. Deployment phase.

Ans: D


55. Which phase entails a review of the whole investigation and identifies an area of improvement?

A. Physical crime investigation

B. Digital crime investigation.

C. Review phase.

D. Deployment phase

Ans: C
