which of the following is the most important to your professional reputation?
As a CHFI professional, which of the following is the most important to your professional
reputation?
Which of the following tools would allow you to quickly and efficiently search for a string within a file on t
You are conducting an investigation of fraudulent claims in an insurance company that involves
complex text searches through large numbers of documents. Which of the following tools would
allow you to quickly and efficiently search for a string within a file on the bitmap image of the target
computer?
When cataloging digital evidence, the primary goal is to:
When cataloging digital evidence, the primary goal is to:
What is preventing the police from breaking down the suspects door and searching his home and seizing all of h
The police believe that Mevin Mattew has been obtaining unauthorized access to computers
belonging to numerous computer software and computer operating systems manufacturers,
cellular telephone manufacturers, Internet Service Providers and Educational Institutions. They
also suspect that he has been stealing, copying and misappropriating proprietary computer
software belonging to the several victim companies. What is preventing the police from breaking
down the suspects door and searching his home and seizing all of his computer equipment if they
have not yet obtained a warrant?
You inform the officer that you will not be able to comply with that request because doing so would:
You are working as a Computer forensics investigator for a corporation on a computer abuse
case. You discover evidence that shows the subject of your investigation is also embezzling
money from the company. The company CEO and the corporate legal counsel advise you to
contact law enforcement and provide them with the evidence that you have founD. The law
enforcement officer that responds requests that you put a network sniffer on your network and
monitor all traffic to the subjects computer. You inform the officer that you will not be able to
comply with that request because doing so would:
A law enforcement officer may only search for and seize criminal evidence with _____________…
A law enforcement officer may only search for and seize criminal evidence with _____________,
which are facts or circumstances that would lead a reasonable person to believe a crime has
been committed or is about to be committed, evidence of the specific crime exists and the
evidence of the specific crime exists at the place to be searcheD.
Which of the following are you most interested in when trying to trace the source of the message?
You have been asked to investigate after a user has reported a threatening e-mail they have
received from an external source. Which of the following are you most interested in when trying to
trace the source of the message?
How would you permanently erase the data on the hard disk?
You have completed a forensic investigation case. You would like to destroy the data contained in
various disks at the forensics lab due to sensitivity of the case. How would you permanently erase
the data on the hard disk?
What is that code called?
Office Documents (Word, Excel and PowerPoint) contain a code that allows tracking the MAC or
unique identifier of the machine that created the document. What is that code called?
When using Windows acquisitions tools to acquire digital evidence, it is important to use a welltested hardwar
When using Windows acquisitions tools to acquire digital evidence, it is important to use a welltested hardware write-blocking device to: