1. HTTPS stands for _________
A . Hypertexts Transfer Protocol Secured
B . Secured Hyper Text Transfer Protocol
C . Hyperlinked Text Transfer Protocol Secured
D . Hyper Text Transfer Protocol Secure
2. Which of the following is not a strong security protocol?
A . SSL
B . HTTPL
C . SMTP
D . SFTP
3. An attempt to make a computer resource unavailable to its intended users is called _________
A . Denial-of-service attack
B . Virus attack
C . Worms attack
D . Botnet process
4. You are supposed to maintain three types of records. Which answer is not a record?
A . Chain of custody
B . Documentation of the crime scene
C . Searching the crime scene
D . Document your actions
5. Volatile data resides in ____________________________?
A . Registries
B . Cache
C . RAM
D . All of the above
6. Who can use computer forensic evidence?
A . Criminal Prosecutors
B . Civil litigations
C . Law enforcement
D . All of them
7. When handling computers for legal purposes, investigators increasingly are faced with four main types of problems, except:
A . How to recover data from computers while preserving evidential integrity
B . How to keep your data and information safe from theft or accidental loss
C . How to securely store and handle recovered data
D . How to find the significant information in a large volume of data
8. In order for a double tier approach to work it is necessary to have:
A . A defined methodology
B . Civil control
C . A breach of contract
D . Asset recovery
9. Criteria for equipment in the double tier approach results in the following except:
A . Simple to use
B . Quick to learn
C . Totally reliable
D . Legally operable
10. A computer forensics specialist will take several careful steps to identify and attempt to retrieve possible evidence:
A . Protect
B . Discover
C . Recover
D . All of them
11. A computer forensics professional does more than turn on a computer, make a directory listing, and search through files. Your forensics professionals should be able to successfully perform complex evidence recovery procedures with the skill and expertise that lends credibility to your case. For example, they should be able to perform the following services, except:
A . Data seizure
B . Data duplication and preservation
C . Data recovery
D . Data dump
12. The following are what it really costs to replace a stolen computer, except:
A . The price of the replacement hardware
B . The price of replacing the software
C . The cost of creating data
D . The cost of lost production time or instruction time
13. Forensic services include but are not limited to the following, except:
A . Lost password and file recovery
B . Location and retrieval of deleted and hidden files
C . File and email decryption
D . Email non-supervision and non-authentication
14. Computer evidence is like any other evidence. It must be
A . Authentic
B . Accurate
C . Complete
D . All of them
15. The legal aspects of a computer forensics investigation center primarily on the following two main issues:
A . The requirements that need to be met in order for evidence to be successfully presented in court and, of course, not considered legally admissible
B . The requirements that need to be met in order for evidence to be successfully presented in court and, of course, considered legally admissible
C . The right of the investigator to avoid the possibility of not incurring legal action against himself or the organization for whom he is conducting the investigation
D . The acceptance of the investigator to avoid the possibility of incurring legal action against himself or the organization for whom he is reviewing the investigation
16. Which of the following is not a type of peer-to-peer cyber-crime?
A . Phishing
B . Injecting Trojans to a target victim
C . MiTM
D . Credit card details leak in deep web
17. In terms of digital evidence, the Internet is an example of
A . Open computer systems
B . Communication systems
C . Embedded computer systems
D . None of the above
18. In terms of digital evidence, a hard drive is an example of:
A . Open computer systems
B . Communication systems
C . Embedded computer systems
D . None of the above
19. In terms of digital evidence, a Smart Card is an example of
A . Open computer systems
B . Communication systems
C . Embedded computer systems
D . None of the above
20. Private networks can be a richer source of evidence than the Internet because:
A . They retain data for longer periods of time.
B . Owners of private networks are more cooperative with law enforcement.
C . Private networks contain a higher concentration of digital evidence.
D . All of the above.
21. Computers can play the following roles in a crime:
A . Target, object, and subject
B . Evidence, instrumentality, contraband, or fruit of crime
C . Object, evidence, and tool
D . Symbol, instrumentality, and source of evidence
22. The following specializations exist in digital investigations:
A . First responder (a.k.a. digital crime scene technician)
B . Forensic examiner
C . Digital investigator
D . All of the above
23. A printer used for counterfeiting is an example of:
A . Hardware as contraband or fruits of crime
B . Hardware as an instrumentality
C . Hardware as evidence
D . Information as contraband or fruits of crime
24. Having a member of the search team trained to handle digital evidence:
A . Can reduce the number of people who handle the evidence
B . Can serve to streamline the presentation of the case
C . Can reduce the opportunity for opposing counsel to impugn the integrity of the evidence
D . All of the above
25. What can you do to determine the number of sectors on a hard drive larger than 8GB?
A . Use a UNIX tool like hdparm
B . Use a Windows tool like EnCase
C . Check the drive manufacturer’s website for the specific drive
D . All of the above
26. A device that connects networks with different protocols is a:
A . Switch
B . Hub
C . Gateway
D . All of the above
27. A device that is used to connect a number of LANs is
A . Routers
B . Repeater
C . Bridge
D . All of these
28. Because the Internet is built upon the TCP/IP protocol, many hacker attacks will seek to exploit the TCP ports of these servers with public IP addresses. A number of common ports are scanned and attacked, except:
A . FTP (21)
B . Telnet (23)
C . SMTP (25)
D . INS (53)
29. There are _______ major ways of stealing email information.
A . 2
B . 3
C . 4
D . 5
30. Which of them is not a major way of stealing email information?
A . Stealing cookies
B . Reverse Engineering
C . Password Phishing
D . Social Engineering
31. Which of them is an example of grabbing email information?
A . Cookie stealing
B . Reverse engineering
C . Port scanning
D . Banner grabbing
32. The process of documenting the seizure of digital evidence and, in particular, when that evidence changes hands, is known as:
A . Chain of custody
B . Field notes
C . Interim report
D . None of the above
33. A network sniffer program is an example of:
A . Hardware as contraband or fruits of crime
B . Hardware as an instrumentality
C . Information as an instrumentality
D . Information as evidence
34. HDD, CD/DVD media, backup tapes, USB drive, biometric scanner, digital camera, smart phone, smart card, PDA, etc. are _________
A . Physical evidence
B . Electronic evidence
C . Illustrative evidence
D . Documented evidence
35. Which of the following is not a type of volatile evidence?
A . Routing tables
B . Main memory
C . Log files
D . Cached data
36. Private networks can be a richer source of evidence than the Internet because:
A . They retain data for longer periods of time.
B . Owners of private networks are more cooperative with law enforcement.
C . Private networks contain a higher concentration of digital evidence.
D . All of the above.
37. ___________________ is the first task in a computer forensics investigation.
A . Acquisition
B . Validation and discrimination
C . Extraction
D . Reconstruction
38. Validating data is done by obtaining
A . Binary values
B . Hex values
C . Hash values
D . None of the above
39. A _____________________ is a laptop computer with a built-in LCD monitor and almost as many bays and peripherals as a stationary workstation.
A . Lightweight workstation
B . Portable workstation
C . Advanced Stationary workstation
D . None of the above
40. ___________________ publishes articles, provides tools, and creates procedures for testing and validating computer forensics software.
A . IIT
B . MIT
C . NIST
D . both B & C
41. ______________________ e-mail system is specific to a company, used only by its employees.
A . Localhost
B . Intranet
C . Internet
D . None of the above
42. What is the disadvantage of circular logging?
A . It saves server space
B . Can’t recover a log after it’s overwritten
C . It records traffic in the Mon.log file
D . None of the above
43. E-mail logs generally identify:
A . E-mail contents
B . IP address
C . System-specific information
D . All of the above
44. What are some tools that can be used to recover e-mail files?
A . ProDiscover Basic and Access Data FTK
B . FINALeMAIL for Outlook Express and Eudora
C . Sawmill-GroupWise for log analysis
D . All of the above
45. What is the search criterion used to find log files?
A . .log
B . .db
C . .pst
D . .ost
46. What is one of the most challenging tasks in digital forensics?
A . Investigating cell phones and mobile devices
B . Investigating laptops and desktops
C . Investigating servers and databases
D . Investigating networks and routers
47. What is a SIM card reader?
A . A software device
B . A hardware device
C . A combination hardware/software device
D . None of these
48. What is the first tool used for computer investigations?
A . Norton Disk Edit
B . FTK Imager
C . MS-DOS
D . None of the above
49. What is the most challenging task in a computing investigation?
A . Data viewing
B . Keyword searching
C . Decompressing
D . Recovery task
50. What is the primary purpose of data discrimination?
A . To remove good data from suspicious data
B . To remove suspicious data from good data
C . To remove all data from the disk
D . To remove all files from the disk
51. What is the first task in computer forensics investigations?
A . Copying the original drive
B . Analyzing the data
C . Preserving the original drive
D . Acquiring an image
52. What are software forensics tools used for?
A . To analyze image files
B . To copy data from a suspect’s drive to an image file
C . To read all structures in an image file as though the image were the original drive.
D . Both B and C
53. What is the purpose of GUI acquisition tools?
A . To analyze image files
B . To copy data from a suspect’s drive to an image file
C . To read all structures in an image file as though the image were the original drive.
D . All the above
54. What are some analysis tools used for analyzing image files?
A . ProDiscover and EnCase
B . FTK and X-Ways Forensics
C . ILook
D . All of the above
55. Software forensics tools are grouped into
A . Command-line applications
B . GUI applications
C . Both A & B
D . None of the above
56. What is the function of validation and discrimination?
A . To refine data analysis and recovery
B . To acquire data from a device
C . To extract data from a device
D . None of the above
57. ____________________ is a powerful Windows tool available at Sysinternals
A . RegMon
B . filemon
C . handle
D . All the above
58. The ______________________ tool displays who is logged on locally
A . PsLoggedOn
B . PsKill
C . PsPasswd
D . PsList
59. _________________ kills processes by name or process ID
A . PsExec
B . PsGetSid
C . PsKill
D . PsList
60. The _______________ tool allows you to change account passwords
A . PsService
B . PsPasswd
C . PsShutdown
D . PsSuspend
61. _______ tool lists detailed information about processes
A . PsGetSid
B . PsKill
C . PsList
D . PsLoggedOn
62. _______ tool shuts down and optionally restarts a computer
A . PsSuspend
B . PsPasswd
C . PsService
D . PsShutdown
63. _________________ is chronological documentation of electronic evidence.
64. The aim of a forensic examination is to prove with certainty what occurred. (True/False)
65. Even digital investigations that do not result in legal action can benefit from principles of forensic science. (True/False)
66. Forensic science is the application of science to investigation and prosecution of crime or to the just resolution of conflict. (True/False)
67. When a file is deleted from a hard drive, it can often be recovered. (True/False)
68. NSA stands for ___________________________________________
69. _______________________ is the strategy developed by the National Security Agency.
70. Three modes of protection in DiD are ___________________________________.
71. IDS stands for _______________________________
72. How long a piece of information lasts on a system is known as ________________________
73. ________________ is a collection of free tools for examining Windows products.
74. DDL stands for _______________________________
75. The ___________________ tool shows all Registry data in real time.
76. __________________________ enables you to view and control services.