Windows Security Accounts Manager (SAM) is a registry file which stores passwords in a hashed format.
SAM file in Windows is located at:
A. C:\windows\system32\drivers\SAM
B. C:\windows\system32\con\SAM
C. C:\windows\system32\Boot\SAM
D. C:\windows\system32\config\SAM
正解:D
質問 2:
Which of the following Wi-Fi chalking methods refers to drawing symbols in public places to advertise open Wi-Fi networks?
A. WarWalking
B. WarFlying
C. WarChalking
D. WarDhving
正解:C
質問 3:
Log management includes all the processes and techniques used to collect, aggregate, and analyze computer-generated log messages. It consists of the hardware, software, network and media used to generate, transmit, store, analyze, and dispose of log data.
A. False
B. True
正解:B
質問 4:
Data Acquisition is the process of imaging or otherwise obtaining information from a digital device and its peripheral equipment and media
A. False
B. True
正解:B
質問 5:
Data compression involves encoding the data to take up less storage space and less bandwidth for transmission. It helps in saving cost and high data manipulation in many business applications.
Which data compression technique maintains data integrity?
A. Lossless compression
B. Lossy video compression
C. Speech encoding compression
D. Lossy compression
正解:A
質問 6:
A steganographic file system is a method to store the files in a way that encrypts and hides the data without the knowledge of others
A. False
B. True
正解:B
質問 7:
You can interact with the Registry through intermediate programs. Graphical user interface (GUI) Registry editors such as Regedit.exe or Regedt32 exe are commonly used as intermediate programs in Windows 7. Which of the following is a root folder of the registry editor?
A. HKEY_LOCAL_ADMIN
B. HKEY_CLASSES_ADMIN
C. HKEY_CLASSES_SYSTEM
D. HKEY_USERS
正解:D
質問 8:
Centralized logging is defined as gathering the computer system logs for a group of systems in a centralized location. It is used to efficiently monitor computer system logs with the frequency required to detect security violations and unusual activity.
A. False
B. True
正解:B
質問 9:
In which step of the computer forensics investigation methodology would you run MD5 checksum on the evidence?
A. Evaluate and secure the scene
B. Obtain search warrant
C. Collect the evidence
D. Acquire the data
正解:D