In a forensic examination of hard drives for digital evidence, what type of user is most likely to have the mo
In a forensic examination of hard drives for digital evidence, what type of user is most likely to have the most file slack to analyze? A. one who has NTFS 4 or 5 partitions B. one who uses dynamic swap file capability C. one who uses hard disk writes on IRQ 13 and 21 D. […]
E-mail logs contain which of the following information to help you in your investigation?
E-mail logs contain which of the following information to help you in your investigation? (Choose four.) A. user account that was used to send the account B. attachments sent with the e-mail message C. unique message identifier D. contents of the e-mail message E. date and time the message was sent
Which is a standard procedure to perform during all computer forensics investigations?
Which is a standard procedure to perform during all computer forensics investigations? A. with the hard drive removed from the suspect PC, check the date and time in the system’s CMOS B. with the hard drive in the suspect PC, check the date and time in the File Allocation Table C. with the hard drive […]
The MD5 program is used to:
The MD5 program is used to: A. wipe magnetic media before recycling it B. make directories on an evidence disk C. view graphics files on an evidence drive D. verify that a disk is not altered when you examine it
You are working as an investigator for a corporation and you have just received instructions from your manager
You are working as an investigator for a corporation and you have just received instructions from your manager to assist in the collection of 15 hard drives that are part of an ongoing investigation. Your job is to complete the required evidence custody forms to properly document each piece of evidence as it is collected […]
Which legal document allows law enforcement to search an office, place of business, or other locale for eviden
Which legal document allows law enforcement to search an office, place of business, or other locale for evidence relating to an alleged crime? A. bench warrant B. wire tap C. subpoena D. search warrant
What does the acronym POST mean as it relates to a PC?
What does the acronym POST mean as it relates to a PC? A. Primary Operations Short Test B. PowerOn Self Test C. Pre Operational Situation Test D. Primary Operating System Test
Lance wants to place a honeypot on his network.
Lance wants to place a honeypot on his network. Which of the following would be your recommendations? A. Use a system that has a dynamic addressing on the network B. Use a system that is not directly interacting with the router C. Use it on a system in an external DMZ in front of the […]
Which part of the Windows Registry contains the user’s password file?
Which part of the Windows Registry contains the user’s password file? A. HKEY_LOCAL_MACHINE B. HKEY_CURRENT_CONFIGURATION C. HKEY_USER D. HKEY_CURRENT_USER
When examining the log files from a Windows IIS Web Server, how often is a new log file created?
When examining the log files from a Windows IIS Web Server, how often is a new log file created? A. the same log is used at all times B. a new log file is created everyday C. a new log file is created each week D. a new log is created each time the Web […]