Question #1
When an investigator contacts by telephone the domain administrator or controller listed by a Whois lookup to request that all e-mails sent and received for a user account be preserved, what U.S.C. statute authorizes this phone call and obligates the ISP to preserve e-mail records?
A. Title 18, Section 1030
B. Title 18, Section 2703(d)
C. Title 18, Section Chapter 90
D. Title 18, Section 2703(f)
Correct answer: D
Question #2
You are contracted to work as a computer forensics investigator for a regional bank that has four 30 TB storage area networks that store customer data. What method would be most efficient for you to acquire digital evidence from this network?
A. create a compressed copy of the file with DoubleSpace
B. create a sparse data copy of a folder or file
C. make a bit-stream disk-to-image file
D. make a bit-stream disk-to-disk file
Correct answer: C
Question #3
Which of the following information is displayed when Netstat is used with the -ano switch?
A. Details of TCP and UDP connections
B. Contents of IP routing table
C. Details of routing table
D. Ethernet statistics
Correct answer: A
Question #4
You are using DriveSpy, a forensic tool, and want to copy 150 sectors where the starting sector is 1709 on the primary hard drive. Which of the following formats correctly specifies these sectors?
A. 0:1000, 150
B. 0:1709, 150
C. 1:1709, 150
D. 0:1709-1858
Correct answer: B
Question #5
You are contracted to work as a computer forensics investigator for a regional bank that has four 30 TB storage area networks that store customer data. What method would be most efficient for you to acquire digital evidence from this network?
A. create a compressed copy of the file with DoubleSpace
B. create a sparse data copy of a folder or file
C. make a bit-stream disk-to-image file
D. make a bit-stream disk-to-disk file
Correct answer: C
Question #6
Which of the following commands shows you all of the network services running on Windows-based servers?
A. Net use
B. Net config
C. Net start
D. Net Session
Correct answer: C
Question #7
If you come across a sheepdip machine at your client site, what would you infer?
A. A sheepdip coordinates several honeypots
B. A sheepdip computer is another name for a honeypot
C. A sheepdip computer is used only for virus-checking
D. A sheepdip computer defers a denial of service attack
Correct answer: C
Question #8
How many characters long is the fixed-length MD5 algorithm checksum of a critical system file?
A. 128
B. 64
C. 32
D. 16
Correct answer: D
Question #9
When an investigator contacts by telephone the domain administrator or controller listed by a Whois lookup to request that all e-mails sent and received for a user account be preserved, what U.S.C. statute authorizes this phone call and obligates the ISP to preserve e-mail records?
A. Title 18, Section 1030
B. Title 18, Section 2703(d)
C. Title 18, Section Chapter 90
D. Title 18, Section 2703(f)
Correct answer: D
Question #10
When an investigator contacts by telephone the domain administrator or controller listed by a Whois lookup to request that all e-mails sent and received for a user account be preserved, what U.S.C. statute authorizes this phone call and obligates the ISP to preserve e-mail records?
A. Title 18, Section 1030
B. Title 18, Section 2703(d)
C. Title 18, Section Chapter 90
D. Title 18, Section 2703(f)
Correct answer: D
Question #11
In which step of the computer forensics investigation methodology would you run MD5 checksum on the evidence?
A. Obtain search warrant
B. Evaluate and secure the scene
C. Collect the evidence
D. Acquire the data
Correct answer: D
Question #12
A honey pot deployed with the IP 172.16.1.108 was compromised by an attacker. Given below is an excerpt from a Snort binary capture of the attack. Decipher the activity carried out by the attacker by studying the log. Please note that you are required to infer only what is explicit in the excerpt. (Note: The student is being tested on concepts learnt during passive OS fingerprinting, basic TCP/IP connection concepts and the ability to read packet signatures from a sniff dump.) 03/15-20:21:24.107053 211.185.
A. The attacker has conducted a network sweep on port 111
B. The attacker has scanned and exploited the system using Buffer Overflow
C. The attacker has used a Trojan on port 32773
D. The attacker has installed a backdoor
Correct answer: A
Question #13
Which of the following commands shows you the NetBIOS name table?
A. nbtstat -n
B. nbtstat -c
C. nbtstat -r
D. nbtstat -s
Correct answer: A
Question #14
Before you are called to testify as an expert, what must an attorney do first?
A. engage in damage control
B. prove that the tools you used to conduct your examination are perfect
C. read your curriculum vitae to the jury
D. qualify you as an expert witness
Correct answer: D
Question #15
In which step of the computer forensics investigation methodology would you run MD5 checksum on the evidence?
A. Evaluate and secure the scene
B. Collect the evidence
C. Acquire the data
D. Obtain search warrant
Correct answer: C
Question #16
With regard to using an antivirus scanner during a computer forensics investigation, you should:
A. Scan your forensics workstation before beginning an investigation
B. Never run a scan on your forensics workstation because it could change your system's configuration
C. Scan your forensics workstation at intervals of no more than once every five minutes during an investigation
D. Scan the suspect hard drive before beginning an investigation
Correct answer: A
Question #17
What stage of the incident handling process involves reporting events?
A. Follow-up
B. Recovery
C. Containment
D. Identification
Correct answer: D
Question #18
Network forensics can be defined as the sniffing, recording, acquisition and analysis of the network traffic and event logs in order to investigate a network security incident.
A. True
B. False
Correct answer: A
Question #19
Which of the following is not a part of a data acquisition forensics investigation?
A. Permit only authorized personnel to access
B. Protect the evidence from extremes in temperature
C. Work on the original storage medium not on the duplicated copy
D. Disable all remote access to the system
Correct answer: C
Question #20
You are working on a thesis for your doctorate degree in Computer Science. Your thesis is based on HTML, DHTML, and other web-based languages and how they have evolved over the years. You navigate to archive.org and view the HTML code of news.com. You then navigate to the current news.com website and copy over the source code. While searching through the code, you come across something abnormal: What have you found?
A. Web bug
B. CGI code
C. Trojan
D. Blind bug
Correct answer: A
Question #21
Where are files temporarily written in Unix when printing?
A. /var/print
B. /var/spool
C. /usr/spool
D. /spool
Correct answer: B
Question #22
In a computer forensics investigation, what describes the route that evidence takes from the time you find it until the case is closed or goes to court?
A. rules of evidence
B. law of probability
C. chain of custody
D. policy of separation
Correct answer: C
Question #23
Jason, a renowned forensic investigator, is investigating a network attack that resulted in the compromise of several systems in a reputed multinational's network. He started Wireshark to capture the network traffic. Upon investigation, he found that the DNS packets travelling across the network belonged to a non-company configured IP. Which of the following attacks can Jason infer from his findings?
A. DNS Redirection
B. DNS Poisoning
C. Cookie Poisoning Attack
D. Session poisoning
Correct answer: B
Question #24
System software password cracking is defined as cracking the operating system and all other utilities that enable a computer to function.
A. False
B. True
Correct answer: B
Question #25
How many characters long is the fixed-length MD5 algorithm checksum of a critical system file?
A. 128
B. 64
C. 32
D. 16
Correct answer: C
Question #26
How many characters long is the fixed-length MD5 algorithm checksum of a critical system file?
A. 128
B. 64
C. 32
D. 16
Correct answer: D
Question #27
A honey pot deployed with the IP 172.16.1.108 was compromised by an attacker. Given below is an excerpt from a Snort binary capture of the attack. Decipher the activity carried out by the attacker by studying the log. Please note that you are required to infer only what is explicit in the excerpt. (Note: The student is being tested on concepts learnt during passive OS fingerprinting, basic TCP/IP connection concepts and the ability to read packet signatures from a sniff dump.) 03/15-20:21:24.107053 211.185.
A. The attacker has conducted a network sweep on port 111
B. The attacker has scanned and exploited the system using Buffer Overflow
C. The attacker has used a Trojan on port 32773
D. The attacker has installed a backdoor
Correct answer: A
Question #28
Operating system logs are most beneficial for identifying or investigating suspicious activities involving a particular host. Which of the following operating system logs contains information about operational actions performed by OS components?
A. Firewall logs
B. IDS logs
C. Event logs
D. Audit logs
Correct answer: C
Question #29
You are contracted to work as a computer forensics investigator for a regional bank that has four 30 TB storage area networks that store customer data. What method would be most efficient for you to acquire digital evidence from this network?
A. create a compressed copy of the file with DoubleSpace
B. create a sparse data copy of a folder or file
C. make a bit-stream disk-to-image file
D. make a bit-stream disk-to-disk file
Correct answer: C
Question #30
If you come across a sheepdip machine at your client site, what would you infer?
A. A sheepdip coordinates several honeypots
B. A sheepdip computer is another name for a honeypot
C. A sheepdip computer is used only for virus-checking
D. A sheepdip computer defers a denial of service attack
Correct answer: C