312-49v9 V8.02_formatted
QUESTION 1
The Recycle Bin is located on the Windows desktop. When you delete an item from the hard disk,
Windows sends that
... [Show More] deleted item to the Recycle Bin and the icon changes to full of empty, but items
deleted from removable media, such as a floppy disk or network drive, are not stored in the Recycle
Bin. What is the size limit for Recycle Bin in Vista and later versions of the Windows?
A. No size limits
QUESTION 2
Which of the following is not an example of a cyber-crime?
B. Firing an employee for misconduct
QUESTION 3
Files stored in the Recycle Bin in its physical location are renamed as Dxy.ext, where, “X" represents
the .
A. Drive name
QUESTION 4
Which of the following statement is not correct when dealing with a powered-on computer at the
crime scene?
D. If the computer is switched off. power on the computer to take screenshot of the desktop
QUESTION 5
Tracks numbering on a hard disk begins at 0 from the outer edge and moves towards the center,
typically reaching a value of .
A. 1023
QUESTION 6
Event correlation is a procedure that is assigned with a new meaning for a set of events that occur in
a predefined interval of time.
Which type of correlation will you use if your organization wants to use different OS and network
hardware platforms throughout the network?
B. Cross-platform correlation
QUESTION 7
Which root folder (hive) of registry editor contains a vast array of configuration information for the
system, including hardware settings and software settings?
B. HKEY_CURRENT_USER
QUESTION 8
Hard disk data addressing is a method of allotting addresses to each of data on a hard disk
A. Physical block
QUESTION 9
How do you define forensic computing?
A. It is the science of capturing, processing, and investigating data security incidents and making it
acceptable to a court of law.
QUESTION 10
What is the smallest allocation unit of a hard disk?
A. Cluster
QUESTION 11
Which one of the following statements is not correct while preparing for testimony?
B. Do not determine the basic facts of the case before beginning and examining the evidence
QUESTION 12
Which of the following statements is not a part of securing and evaluating electronic crime scene
checklist?
D. Blog about the incident on the internet
QUESTION 13
The Apache server saves diagnostic information and error messages that it encounters while
processing requests. The default path of this file is usr/local/apache/logs/error.log in Linux. Identify the
Apache error log from the following logs.
B. [Wed Oct 11 14:32:52 2000] [error] [client 127.0.0.1] client denied by server configuration:
/export/home/live/ap/htdocs/test
QUESTION 14
Operating System logs are most beneficial for Identifying or Investigating suspicious activities involving
a particular host. Which of the following Operating System logs contains information about operational
actions performed by OS components?
A. Event logs
QUESTION 15
A mobile operating system manages communication between the mobile device and other
compatible devices like computers, televisions, or printers.
Which mobile operating system architecture is represented here?
C. Android OS Architecture
QUESTION 16
All the Information about the user activity on the network, like details about login and logoff attempts, is
collected in the security log of the computer. When a user's login is successful, successful audits
generate an entry whereas unsuccessful audits generate an entry for failed login attempts in the
logon event ID table. In the logon event ID table, which event ID entry (number) represents a successful
logging on to a computer?
A. 528
QUESTION 17
What is the first step that needs to be carried out to investigate wireless attacks?
A. Obtain a search warrant
QUESTION 18
Which of the following commands shows you the username and IP address used to access the
system via a remote login session and the Type of client from which they are accessing the system?
A. Net sessions
QUESTION 19
Why is it Important to consider health and safety factors in the work carried out at all stages of the
forensic process conducted by the forensic analysts?
A. This is to protect the staff and preserve any fingerprints that may need to be recovered at a later
date
QUESTION 20
When NTFS Is formatted, the format program assigns the sectors to the boot sectors and
to the bootstrap code
B. First 16
QUESTION 21
What is the goal of forensic science?
A. To determine the evidential value of the crime scene and related evidence
QUESTION 22
Smith, an employee of a reputed forensic Investigation firm, has been hired by a private organization
to investigate a laptop that is suspected to be involved in hacking of organization DC server. Smith
wants to find all the values typed into the Run box in the Start menu. Which of the following registry key
Smith will check to find the above information?
C. RunMRU key
QUESTION 23
Shortcuts are the files with the extension .Ink that are created and are accessed by the users. Thes [Show Less]