Computer forensics report provides detailed information on complete computer forensics investigation process. It should explain how the incident occurred, provide technical details of the incident and should be clear to understand. Which of the following attributes of a forensics report can render it inadmissible in a court of law?
A. It is based on logical assumptions about the incident timeline
B. It maintains a single document style throughout the text
C. It includes relevant extracts referred to In the report that support analysis or conclusions
D. It includes metadata about the incident
正解:A
質問 2:
When dealing with the powered-off computers at the crime scene, if the computer is switched off, turn it on
A. False
B. True
正解:A
質問 3:
Hard disk data addressing is a method of allotting addresses to each ___________of data on a hard disk
A. Logical block
B. Hard disk block
C. Operating system block
D. Physical block
正解:D
質問 4:
Ron. a computer forensics expert, Is Investigating a case involving corporate espionage. He has recovered several mobile computing devices from the crime scene. One of the evidence that Ron possesses is a mobile phone from Nokia that was left in on condition. Ron needs to recover the IMEI number of the device to establish the identity of the device owner. Which of the following key combinations he can use to recover the IMEI number?
A. *#06#
B. #06r
C. *1MEI#
D. #*06*#
正解:A
質問 5:
In Windows 7 system files, which file reads the Boot.ini file and loads Ntoskrnl.exe. Bootvid.dll. Hal.dll, and boot-start device drivers?
A. Ntldr
B. Gdi32.dll
C. Boot.in
D. Kernel32.dll
正解:A
質問 6:
Which one of the following is not a consideration in a forensic readiness planning checklist?
A. Identify the potential evidence available
B. Define the business states that need digital evidence
C. Take permission from all employees of the organization
D. Decide the procedure for securely collecting the evidence that meets the requirement fn a forensically sound manner
正解:C
質問 7:
Billy, a computer forensics expert, has recovered a large number of DBX files during forensic investigation of a laptop. Which of the following email clients he can use to analyze the DBX files?
A. Eudora
B. Microsoft Outlook
C. Mozilla Thunderoird
D. Microsoft Outlook Express
正解:D
質問 8:
Which device in a wireless local area network (WLAN) determines the next network point to which a packet should be forwarded toward its destination?
A. Wireless modem
B. Mobile station
C. Wireless router
D. Antenna
正解:C
質問 9:
Volatile information can be easily modified or lost when the system is shut down or rebooted. It helps to determine a logical timeline of the security incident and the users who would be responsible.
A. False
B. True
正解:B