Lesson 10

Question 1

The collection part of the computer forensic expert’s job includes all of the following EXCEPT:

Answer 1

Penning a written report of digital data.

Question 2

Which of these is a component of the presentation portion of computer forensics?

Answer 2

Writing a comprehensive report of findings.

Question 3

How does computer forensics differ from traditional forensics?

Answer 3

It is focused solely on digital evidence.

Question 4

A computer forensic expert’s analysis should be all of these things EXCEPT:

Answer 4

Cursory

Question 5

Computer forensic experts work with two primary types of data. What are they?

Answer 5

Computer forensic experts work to retrieve both visible and latent, or hidden, digital data.

Question 6

Missteps made in the _____ process can cause valuable evidence to be discarded or thrown out of court.

Answer 6

collection

Question 7

Which of these is a common tactic investigators use to preserve data during the digital forensics process?

Answer 7

They make copies of files or images.

Question 8

This stage of the digital forensics process touches all other stages in the process:

Answer 8

The documentation stage of the digital forensics process is a step performed throughout the investigation. This covers everything from how evidence is collected using a search warrant to how conclusions about that evidence are made.

Question 9

Which of these might represent what the analysis stage of the digital forensics process entails?

Answer 9

Making conclusions about data.

Question 10

Before you can collect evidence in the digital forensics process, you must first work to _____ potential relevant sources.

Answer 10

identify

Question 11

Which of the following is not an EnCase certification track?

Answer 11

CFCE is not an EnCase certification track.

Question 12

Examples of digital forensic tools include _____.

Answer 12

Digital forensic tool examples: Disk Investigator, Digital Detective, EnCase, and ComputerCOP.

Question 13

Digital Detective tool offers experts _____.

Answer 13

Digital detective offers no certification track.

Question 14

ComputerCOP is particularly designed to address _____.

Answer 14

ComputerCOP is particularly designed to address child safety on the internet.

Question 15

Digital Forensics entails _____.

Answer 15

the identification, preservation, recovery, restoration and presentation of digital evidence from systems and devices

Question 16

Which of the following best describes what data recovery is?

Answer 16

It refers to the act of recovering data which has been lost, corrupted, or deleted.

Question 17

Which of the following data recovery tools utilizes a system’s command prompt in order to operate?

Answer 17

TestDisk

Question 18

Which of the following best describes Guaranteed Recovery, a useful feature found in Disk Drill?

Answer 18

Guaranteed Recovery is a feature found in Disk Drill. It works by creating a copy of a deleted file and saving that copy in a folder specified by the user. In essence, it creates a duplicate trash folder that can make it easy for a user to recover a file should they accidentally empty out their trash folder.

Question 19

What is a limitation of EaseUS?

Answer 19

A limitation of EaseUS is that some features are locked behind a paywall. The free version of EaseUS only lets you know what files it recovered but it does not allow the user to retrieve those files for use.

Question 20

Which file types does Disk Drill struggle to recover?

Answer 20

Video and audio files

Question 21

An email can be faked using _____.

Answer 21

An email can be faked using SMTP server or Website mailer

Question 22

The key factor that enables fake emails is _____.

Answer 22

The key factor that enables fake emails is the ability for impostors to deliver mails by altering the sender’s email information to whatever they want.

Question 23

E-Mail spoofing is defined as _____

Answer 23

the process of manipulating the contents of an email in a way that makes the email appear to originate from a source other than the actual sender

Question 24

____ is not a server needed for delivery on the Internet:

Answer 24

an email client

Question 25

The main difference between the POP and IMAP e-mail protocols is that _____.

Answer 25

The main difference between the POP and IMAP e-mail protocols is that with POP emails are only accessed from the download device while with IMAP emails can be accessed from any device anywhere

Question 26

Which of the following best defines machine vision?

Answer 26

Machine vision refers to when computers are used to perform facial recognition scans on people. This technology has recently been employed by China to aid in the capture of wanted suspects.

Question 27

What is one difference between how data was stored in the 90s and early 2000s to how it is stored now?

Answer 27

It was common for data in the 90s and early 2000s to be stored on tapes, whereas today you are more likely to store data on different media, such as SSDs and flash drives.

Question 28

Which of the following refers to the study of creating machines that have the ability to think at a level equal to a human being?

Answer 28

Artificial Intelligence

Question 29

Forensic investigators benefit from using Li-Fi in their operations because it is more secure than Wi-Fi. In what way is Li-Fi more secure than Wi-Fi?

Answer 29

Data traveling through Li-Fi is not broadcast to the surrounding area and is only confined to its transmission route. As such, it is harder for a malicious actor to access this data.

Read Answer Explanation

Question 30

From the given options, which is the cause of the renewed challenges facing security practitioners today?

Answer 30

Earth’s population growth and rise in the number of people using digital devices