Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CCT-121 > Quiz 3 > Flashcards

Quiz 3 Flashcards

1
Q

The variety of tools and software makes digital forensics easily affordable by agencies to train and equip its own examiners. True or False?

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
1
Q

Advantages, including cost savings, greater access to more resources (tools and storage), access to diverse expertise and reduction of unnecessary duplication of resources can be achieved through

A

virtual labs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Connecting an evidence drive brought in for examination to an internal forensic network

A

the ability to log individual access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A well documented system of protocols used to assure the accuracy and reliability of analytical results is the definition of

A

quality assurance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

An open proficiency test is conducted by an agency independent of the agency being tested; whereas a blind proficiency test is one where the analysts and technical support personnel are not aware they are being tested. True or False?

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Each and every tool must be validated before it’s used on an actual case. A validation process demonstrates (check all that apply)

A

the tool is working properly.

the tool is reliable.

the tool yields accurate results.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Accreditation refers to the laboratory and certification pertains to the individual examiners. True or False?

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Most labs will have a variety of tools at their disposal for the following reasons (choose all that apply)

A

to give them the broad capability they need.

no one tool does everything.

to handle a wide array of technology requiring analysis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Accreditation is an endorsement of a crime lab’s policies and procedures. Laboratory accreditation is highly desirable but not mandatory. True or False?

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

In general, what would a lightweight forensics workstation consist of?​

A

​A laptop computer built into a carrying case with a small selection of peripheral options

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Passwords are typically stored as one-way _____________ rather than in plaintext.​

A

hashes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What hex value is the standard indicator for jpeg graphics files?​

A

​FF D8

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

​The ProDiscover utility makes use of the proprietary _______________ file format.

A

​.eve

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What program serves as the GUI front end for accessing Sleuth Kit’s tools?​

A

Autopsy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

In what mode do most write-blockers run?​

A

​Shell mode

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

In what temporary location below might passwords be stored? ​

A

​​ pagefile.sys

16
Q

A keyword search is part of the ​analysis process within what forensic function?

A

extraction

17
Q

Which of the following options is not a subfunction of extraction?​

A

​logical data copy

18
Q

What is the goal of the NSRL project, created by NIST?​

A

​Collect known hash values for commercial software and OS files using SHA hashes.

CCT-121 (15 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions