312-49V10 Online Practice Questions and Answers

Hard disk data addressing is a method of allotting addresses to each ___________of data on a hard disk

A. Physical block

B. Logical block

C. Operating system block

D. Hard disk block

Digital photography helps in correcting the perspective of the Image which Is used In taking the measurements of the evidence. Snapshots of the evidence and incident-prone areas need to be taken to help in the forensic process. Is digital photography accepted as evidence in the court of law?

A. Yes

B. No

The IIS log file format is a fixed (cannot be customized) ASCII text-based format. The IIS format includes basic items, such as client IP address, user name, date and time, service and instance, server name and IP address, request type, target of operation, etc. Identify the service status code from the following IIS log.

192.168.100.150, -, 03/6/11, 8:45:30, W3SVC2, SERVER, 172.15.10.30, 4210, 125, 3524, 100, 0, GET, / dollerlogo.gif,

A. W3SVC2

B. 4210

C. 3524

D. 100

Depending upon the Jurisdictional areas, different laws apply to different incidents. Which of the following law is related to fraud and related activity in connection with computers?

A. 18 USC 7029

B. 18 USC 7030

C. 18 USC 7361

D. 18 USC 7371

When investigating a computer forensics case where Microsoft Exchange and Blackberry Enterprise server are used, where would investigator need to search to find email sent from a Blackberry device?

A. RIM Messaging center

B. Blackberry Enterprise server

C. Microsoft Exchange server

D. Blackberry desktop redirector

When cataloging digital evidence, the primary goal is to

A. Make bit-stream images of all hard drives

B. Preserve evidence integrity

C. Not remove the evidence from the scene

D. Not allow the computer to be turned off

If you plan to startup a suspect's computer, you must modify the ___________ to ensure that you do not contaminate or alter data on the suspect's hard drive by booting to the hard drive.

A. deltree command

B. CMOS

C. Boot.sys

D. Scandisk utility

E. boot.ini

When is it appropriate to use computer forensics?

A. If copyright and intellectual property theft/misuse has occurred

B. If employees do not care for their boss?management techniques

C. If sales drop off for no apparent reason for an extended period of time

D. If a financial institution is burglarized by robbers

Which of the following refers to the process of the witness being questioned by the attorney who called the latter to the stand?

A. Witness Authentication

B. Direct Examination

C. Expert Witness

D. Cross Questioning

Which tool does the investigator use to extract artifacts left by Google Drive on the system?

A. PEBrowse Professional

B. RegScanner

C. RAM Capturer

D. Dependency Walker