You are on page 1of 11

Exam 1

1.
(Points: 1) By the 1970s, electronic crimes were increasing, especially in the financial sector. 1. True 2. False
false

Save Answer

2.
(Points: 1) To be a successful computer forensics investigator, you must be familiar with more than one computing platform. 1. True 2. False
false

Save Answer

3.
(Points: 1) After a judge approves and signs a search warrant, its ready to be executed, meaning you can collect evidence as defined by the warrant. 1. False 2. True
false

Save Answer

4.
(Points: 1) Chain of custody is also known as chain of evidence. 1. True 2. False
false

Save Answer

5.
(Points: 1) Employees surfing the Internet can cost companies millions of dollars. 1. False 2. True
false

Save Answer

6.
(Points: 1) A bit-stream copy is a bit-by-bit duplicate of the original disk. You should use the original disk whenever possible. 1. False 2. True
false

Save Answer

7.
(Points: 1) Performing a forensic analysis of a disk 200 GB or larger can take several days and often involves running imaging software overnight and on weekends.

1. True 2. False
false

Save Answer

8.
(Points: 1) ____ involves recovering information from a computer that was deleted by mistake or lost during a power surge or server crash, for example. 1. Network forensics 2. Data recovery 3. Computer forensics 4. Disaster recovery
false

Save Answer

9.
(Points: 1) ____ involves preventing data loss by using backups, uninterruptible power supply (UPS) devices, and off-site monitoring. 1. Network forensics 2. Data recovery 3. Disaster recovery 4. Computer forensics
false

Save Answer

10.
(Points: 1)

In a ____ case, a suspect is tried for a criminal offense, such as burglary, murder, or molestation. 1. corporate 2. civil 3. criminal 4. fourth amendment
false

Save Answer

11.
(Points: 1) In general, a criminal case follows three stages: the complaint, the investigation, and the ____. 1. prosecution 2. allegation 3. litigation 4. blotter
false

Save Answer

12.
(Points: 1) Most computer investigations in the private sector involve ____. 1. Internet abuse 2. VPN abuse 3. e-mail abuse 4. misuse of computing assets
false

Save Answer

13.
(Points: 1) Your ____ as a computer investigation and forensics analyst is critical because it determines your credibility. 1. professional conduct 2. professional policy 3. oath 4. line of authority
false

Save Answer

14.
(Points: 1) Maintaining ____ means you must form and sustain unbiased opinions of your cases. 1. credibility 2. confidentiality 3. integrity 4. objectivity
false

Save Answer

15.
(Points: 1) The ____ is the route the evidence takes from the time you find it until the case is closed or goes to court. 1. acquisition plan 2. evidence custody 3. evidence path 4. chain of custody
false

Save Answer

16.
(Points: 1) A(n) ____ helps you document what has and has not been done with both the original evidence and forensic copies of the evidence. 1. evidence custody form 2. initial investigation form 3. evidence handling form 4. risk assessment form
false

Save Answer

17.
(Points: 1) To conduct your investigation and analysis, you must have a specially configured personal computer (PC) known as a ____. 1. forensic workstation 2. forensic lab 3. mobile workstation 4. recovery workstation
false

Save Answer

18.
(Points: 1) To begin conducting an investigation, you start by ____ the evidence using a variety of methods. 1. opening 2. analyzing

3. reading 4. copying
false

Save Answer

19.
(Points: 1) A bit-stream image is also known as a(n) ____. 1. evidence copy 2. backup copy 3. forensic copy 4. custody copy
false

Save Answer

20.
(Points: 1) When analyzing digital evidence, your job is to ____. 1. destroy the data 2. load the data 3. recover the data 4. copy the data
false

Save Answer

21.
(Points: 1) In any computing investigation, you should be able to repeat the steps you took and produce the same results. This capability is referred to as ____.

1. checked values 2. repeatable findings 3. verification 4. evidence backup


false

Save Answer

22.
(Points: 1) A ____ is where you conduct your investigations, store evidence, and do most of your work. 1. forensic workstation 2. computer forensics lab 3. workbench 4. storage room
false

Save Answer

23.
(Points: 1) Windows hard disks can now use a variety of file systems, including FAT16, FAT32, ____, and Windows File System. 1. FAT24 2. ext3 3. NTFS 4. ext2
false

Save Answer

24.
(Points: 1)

IACIS requires recertification every ____ years to demonstrate continuing work in the field of computer forensics. 1. 3 2. 5 3. 4 4. 2
false

Save Answer

25.
(Points: 1) To preserve the integrity of evidence data, your lab should function as an evidence locker or safe, making it a ____ or a secure storage safe. 1. secure facility 2. secure workbench 3. secure workstation 4. protected PC
false

Save Answer

26.
(Points: 1) A ____ plan also specifies how to rebuild a forensic workstation after it has been severely contaminated by a virus from a drive youre analyzing. 1. security 2. configuration management 3. disaster recovery 4. risk management
false

Save Answer

27.
(Points: 1) In addition to performing routine backups, record all the updates you make to your workstation by using a process called ____ when planning for disaster recovery. 1. configuration management 2. recovery logging 3. change management 4. risk assessment
false

Save Answer

28.
(Points: 1) For labs using high-end ____ servers (such as Digital Intelligence F.R.E.D.C. or F.R.E.D.M.), you must consider methods for restoring large data sets. 1. RAID 2. ISDN 3. TEMPEST 4. WAN
false

Save Answer

29.
(Points: 1) Computing components are designed to last 18 to ____ months in normal business operations. 1. 30 2. 42 3. 36 4. 24
false

Save Answer

30.
(Points: 1) By using ____ to attract new customers or clients, you can justify future budgets for the labs operation and staff. 1. budgeting 2. marketing 3. changing 4. pricing
false

Save Answer

You might also like