WGU C702 CHFI and OA
1 / 16
1. Which of the following is true regarding computer forensics?: Computer
forensics deals with the process of finding
... [Show More] evidence related to a digital crime to
find the culprits and initiate legal action against them.
2. Which of the following is NOT a objective of computer forensics?: Document vulnerabilities allowing further loss of intellectual property, finances, and
reputation during an attack.
3. Which of the following is true regarding Enterprise Theory of Investigation
(ETI)?: It adopts a holistic approach toward any criminal activity as a criminal
operation rather as a single criminal act.
4. Forensic readiness refers to:: An organization's ability to make optimal use of
digital evidence in a limited time period and with minimal investigation costs.
5. Which of the following is NOT a element of cybercrime?: Evidence smaller
in size.
6. Which of the following is true of cybercrimes?: Investigators, with a warrant,
have the authority to forcibly seize the computing devices.
7. Which of the following is true of cybercrimes?: The initial reporting of the
evidence is usually informal.
8. Which of the following is NOT a consideration during a cybercrime investigation?: Value or cost to the victim.
9. Which of the following is a user-created source of potential evidence?: -
Address book.
10. Which of the following is a computer-created source of potential evidence?: Swap file.
11. Which of the following is NOT where potential evidence may be located?-
: Processor.
12. Under which of the following conditions will duplicate evidence NOT
suffice?: When original evidence is in possession of the originator.
13. Which of the following Federal Rules of Evidence governs proceedings
in the courts of the United States?: Rule 101.
14. Which of the following Federal Rules of Evidence ensures that the truth
may be ascertained and the proceedings justly determined?: Rule 102.
15. Which of the following Federal Rules of Evidence contains rulings on
evidence?: Rule 103
2 / 16
16. Which of the following Federal Rules of Evidence states that the court
shall restrict the evidence to its proper scope and instruct the jury accordingly?: Rule 105
17. Which of the following refers to a set of methodological procedures
and techniques to identify, gather, preserve, extract, interpret, document,
and present evidence from computing equipment in such a manner that
the discovered evidence is acceptable during a legal and/or administrative
proceeding in a court of law?: Computer Forensics.
18. Computer Forensics deals with the process of finding related to a
digital crime to find the culprits and initiate legal action against them.: Evidence.
19. Minimizing the tangible and intangible losses to the organization or an
individual is considered an essential computer forensics use.: True.
20. Cybercrimes can be classified into the following two types of attacks,
based on the line of attack.: Internal and External.
21. Espionage, theft of intellectual property, manipulation of records, and
trojan horse attacks are examples of what?: Insider attack or primary attacks.
22. External attacks occur when there are inadequate information-security
policies and procedures.: True.
23. Which type of cases involve disputes between two parties?: Civil.
24. A computer forensic examiner can investigate any crime as long as he or
she takes detailed notes and follows the appropriate processes.: False.
25. is the standard investigative model used by the FBI when
conducting investigations against major criminal organizations.: Enterprise
Theory of Investigation (ETI).
26. Forensic readiness includes technical and nontechnical actions that
maximize an organization's competence to use digital evidence.: True. [Show Less]