What should you do when approached by a reporter about a case that you are working on or have worked on?
What should you do when approached by a reporter about a case that you are working on or have
worked on?
It is written to the outermost track of a disk and contains information about each file stored on the drive
This is original file structure database that Microsoft originally designed for floppy disks. It is
written to the outermost track of a disk and contains information about each file stored on the
drive.
What port do you send the email to on the company SMTP server?
You are working in the security Department of law firm. One of the attorneys asks you about the
topic of sending fake email because he has a client who has been charged with doing just that. His
client alleges that he is innocent and that there is no way for a fake email to actually be sent. You
inform the attorney that his client is mistaken and that fake email is possibility and that you can
prove it. You return to your desk and craft a fake email to the attorney that appears to come from
his boss. What port do you send the email to on the company SMTP server?
which of the following options would you suggest as the most appropriate to overcome the problem of capturing
Volatile Memory is one of the leading problems for forensics. Worms such as code Red are
memory resident and do write themselves to the hard drive, if you turn the system off they
disappear. In a lab environment, which of the following options would you suggest as the most
appropriate to overcome the problem of capturing volatile memory?
Diskcopy is:
Diskcopy is:
What do you do?
You are working as Computer Forensics investigator and are called by the owner of an accounting
firm to investigate possible computer abuse by one of the firms employees. You meet with the
owner of the firm and discover that the company has never published a policy stating that they
reserve the right to inspect their computing assets at will.
What do you do?
Which of the following countermeasure can specifically protect against both the MAC Flood and MAC Spoofing att
Which of the following countermeasure can specifically protect against both the MAC Flood and
MAC Spoofing attacks?
What technique does Jimmy use to compromise a database?
Jimmy, an attacker, knows that he can take advantage of poorly designed input validation routines
to create or alter SQL commands to gain access to private data or execute commands in the
database. What technique does Jimmy use to compromise a database?
What is this technique called?
This IDS defeating technique works by splitting a datagram (or packet) into multiple fragments and
the IDS will not spot the true nature of the fully assembled datagram. The datagram is not
reassembled until it reaches its final destination. It would be a processor-intensive task for IDS to
reassemble all fragments itself, and on a busy system the packet will slip through the IDS onto the
network. What is this technique called?
How would you prevent such type of attacks?
If a competitor wants to cause damage to your organization, steal critical secrets, or put you out of
business, they just have to find a job opening, prepare someone to pass the interview, have that
person hired, and they will be in the organization.
How would you prevent such type of attacks?