Pass4itsure > Guidance Software > Guidance Software Certification > GD0-110 > GD0-110 Online Practice Questions and Answers

GD0-110 Online Practice Questions and Answers

Questions 4

What are the EnCase configuration .ini files used for?

A. Storing information that will be available to EnCase each time it is opened, regardless of the active case(s).

B. Storing the results of a signature analysis.

C. Storing pointers to acquired evidence.

D. Storing information that is specific to a particular case.

Buy Now
Questions 5

In the EnCase environment, the term xternal viewers?is best described as: In the EnCase environment, the term ?xternal viewers?is best described as:

A. Programs that are exported out of an evidence file.

B. Programsthat are associated with EnCase to open specific file types.

C. Any program that will work with EnCase.

D. Any program that is loaded on the lab hard drive.

Buy Now
Questions 6

What information in a FAT file system directory entry refers to the location of a file on the hard drive?

A. The starting cluster

B. The fragmentation settings

C. The file attributes

D. The file size

Buy Now
Questions 7

Select the appropriate name for the highlighted area of the binary numbers.

A. Nibble

B. Byte

C. Dword

D. Bit

E. Word

Buy Now
Questions 8

Bookmarks are stored in which of the following files?

A. All of the above

B. The case file

C. The evidence file

D. The configuration Bookmarks.ini file

Buy Now
Questions 9

To undelete a file in the FAT file system, EnCase computes the number of the file will use based on the file .

A. Clusters; file size

B. Sectors; file size

C. Clusters; starting extent

D. Sectors; starting extent

Buy Now
Questions 10

In Windows 98 and ME, Internet based e-mail, such as Hotmail, will most likely be recovered in the folder.

A. C:\Windows\Online\Applications\email

B. C:\Windows\Temp

C. C:\Windows\Temporary Internet files

D. C:\Windows\History\Email

Buy Now
Questions 11

How does EnCase verify that the evidence file contains an exact copy of the suspect hard drive?

A. By means of a CRC value of the suspect hard drive compared to a CRC value of the data stored in the evidence file. By means of a CRC value of the suspect hard drive compared to a CRC value of the data stored in the evidence file.

B. By means of a CRC value of the evidence file itself.

C. By means of an MD5 hash of the suspect hard drive compared to an MD5 hash of the data stored in the evidence file. By means of an MD5 hash of the suspect hard drive compared to an MD5 hash of the data stored in the evidence file.

D. By means of an MD5 hash value of the evidence file itself.

Buy Now
Questions 12

The first sector on a hard drive is called the:

A. Volume boot record

B. Volume boot sector

C. Master boot record

D. Master file table

Buy Now
Questions 13

A sector on a hard drive contains how many bytes?

A. 2048

B. 1024

C. 4096

D. 512

Buy Now
Exam Code: GD0-110
Exam Name: Certification Exam for EnCE Outside North America
Last Update: Apr 22, 2024
Questions: 174
10%OFF Coupon Code: SAVE10

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART