WGU C702 Forensics and Network
Intrusion Exam: Objective & Pre-
Assessment 2025/2026
An attack that sends a large amount of data to overwhelm system resources. ans ✔✨---Denial-of-
service technique
A type of denial-of-service attack that involves sending a large volume of emails to a target.
ans ✔✨---Mail bombing
The step in computer crime forensics where an investigator duplicates and images the collected digital
information. ans ✔✨---Acquiring data
The last step of a criminal investigation that requires the involvement of a computer forensic
investigator. ans ✔✨---Testifying in court
Checking to see if it is plugged into a computer without potentially changing the original evidence.
ans ✔✨---Verifying an Android mobile device
An alternative material a forensic investigator can use to protect a mobile device if a Faraday bag is not
available. ans ✔✨---Aluminum foil
,The criterion that determines whether a technology used by government to obtain information in a
computer search is considered innovative and requires a search warrant. ans ✔✨---Availability to
the general public
A situation that allows a law enforcement officer to seize a hard drive from a residence without
obtaining a search warrant. ans ✔✨---Imminent danger
A legal document that contains a summary of findings and is used to prosecute. ans ✔✨---
Investigation report
A protective bag used to prevent any signals from reaching a mobile phone. ans ✔✨---Faraday bag
An ethical behavior for a forensic investigator while testifying in court. ans ✔✨---Providing and
explaining facts
What a government agent should have complied with during a case involving malware on a system.
ans ✔✨---Search and seizure compliance
A part of the United States Constitution that protects citizens from unreasonable searches and seizures.
ans ✔✨---Fourth Amendment
A law that governs the voluntary and compelled disclosure of stored wire and electronic
communications and transactional records. ans ✔✨---Stored Communications Act
Legislation that aims to ensure all internet traffic is treated equally without discrimination or charging
differently. ans ✔✨---Net Neutrality Bill
Rules that govern the introduction of evidence at civil and criminal trials in United States federal trial
courts. ans ✔✨---Federal Rules of Evidence
,A method where the investigator only has access to the stego object and no plaintext. ans ✔✨---
Stego-only
A method where the investigator knows the stego object but not the plaintext. ans ✔✨---Known-
stego
A method where the investigator has access to the plaintext message and uses it to find the hidden
information. ans ✔✨---Known-message
A method where the investigator selects a plaintext message to analyze and find the algorithm used to
hide information. ans ✔✨---Chosen-message
An operating system developed by Apple Inc. for Macintosh computers. ans ✔✨---OS X
A password cracker used to recover passwords on an OS X operating system. ans ✔✨---DaveGrohl
A tool that allows a forensic investigator to process Transmission Control Protocol (TCP) streams for
analysis of malicious traffic. ans ✔✨---Wireshark
A type of cybercrime investigation approach where the company issues warnings to employees violating
policy. ans ✔✨---Administrative
A model that applies a holistic approach toward any criminal activity as a criminal operation.
ans ✔✨---Enterprise Theory of Investigation
A legal document obtained by a forensic investigator before seizing a computing device in a criminal
case. ans ✔✨---Court warrant
An activity used to check whether an application has ever been installed on a computer. ans ✔✨---
Log review
, An organization's preparedness to handle cybercrimes, which includes cost considerations.
ans ✔✨---Forensic readiness
A document that must be signed by those who obtain access to a piece of evidence. ans ✔✨---
Chain of custody document
A tool that allows an investigator to review or process information in a Windows environment without
relying on the Windows API. ans ✔✨---EnCase
A setup designed to connect to an organization's network switch with a random name and hidden SSID.
ans ✔✨---Unauthorized wireless access point
Create a backdoor that a perpetrator can use by connecting wirelessly to the network ans ✔✨---
Backdoor
Jam the wireless signals to stop all legitimate traffic from using the wireless network ans ✔✨---
Jamming
Activate the wireless cards in the laptops of victims to gain access to their data and network
ans ✔✨---Wireless Card Activation
Transmit high-power signals that force users to connect to the rogue wireless network ans ✔✨---
Rogue Wireless Network
Which web-based application attack corrupts the execution stack of a web application? ans ✔✨---
Buffer Overflow
Which file extension should the investigator search for to find the archived message on the server?
ans ✔✨---Archived Message File Extension
.EDB ans ✔✨---.EDB
Intrusion Exam: Objective & Pre-
Assessment 2025/2026
An attack that sends a large amount of data to overwhelm system resources. ans ✔✨---Denial-of-
service technique
A type of denial-of-service attack that involves sending a large volume of emails to a target.
ans ✔✨---Mail bombing
The step in computer crime forensics where an investigator duplicates and images the collected digital
information. ans ✔✨---Acquiring data
The last step of a criminal investigation that requires the involvement of a computer forensic
investigator. ans ✔✨---Testifying in court
Checking to see if it is plugged into a computer without potentially changing the original evidence.
ans ✔✨---Verifying an Android mobile device
An alternative material a forensic investigator can use to protect a mobile device if a Faraday bag is not
available. ans ✔✨---Aluminum foil
,The criterion that determines whether a technology used by government to obtain information in a
computer search is considered innovative and requires a search warrant. ans ✔✨---Availability to
the general public
A situation that allows a law enforcement officer to seize a hard drive from a residence without
obtaining a search warrant. ans ✔✨---Imminent danger
A legal document that contains a summary of findings and is used to prosecute. ans ✔✨---
Investigation report
A protective bag used to prevent any signals from reaching a mobile phone. ans ✔✨---Faraday bag
An ethical behavior for a forensic investigator while testifying in court. ans ✔✨---Providing and
explaining facts
What a government agent should have complied with during a case involving malware on a system.
ans ✔✨---Search and seizure compliance
A part of the United States Constitution that protects citizens from unreasonable searches and seizures.
ans ✔✨---Fourth Amendment
A law that governs the voluntary and compelled disclosure of stored wire and electronic
communications and transactional records. ans ✔✨---Stored Communications Act
Legislation that aims to ensure all internet traffic is treated equally without discrimination or charging
differently. ans ✔✨---Net Neutrality Bill
Rules that govern the introduction of evidence at civil and criminal trials in United States federal trial
courts. ans ✔✨---Federal Rules of Evidence
,A method where the investigator only has access to the stego object and no plaintext. ans ✔✨---
Stego-only
A method where the investigator knows the stego object but not the plaintext. ans ✔✨---Known-
stego
A method where the investigator has access to the plaintext message and uses it to find the hidden
information. ans ✔✨---Known-message
A method where the investigator selects a plaintext message to analyze and find the algorithm used to
hide information. ans ✔✨---Chosen-message
An operating system developed by Apple Inc. for Macintosh computers. ans ✔✨---OS X
A password cracker used to recover passwords on an OS X operating system. ans ✔✨---DaveGrohl
A tool that allows a forensic investigator to process Transmission Control Protocol (TCP) streams for
analysis of malicious traffic. ans ✔✨---Wireshark
A type of cybercrime investigation approach where the company issues warnings to employees violating
policy. ans ✔✨---Administrative
A model that applies a holistic approach toward any criminal activity as a criminal operation.
ans ✔✨---Enterprise Theory of Investigation
A legal document obtained by a forensic investigator before seizing a computing device in a criminal
case. ans ✔✨---Court warrant
An activity used to check whether an application has ever been installed on a computer. ans ✔✨---
Log review
, An organization's preparedness to handle cybercrimes, which includes cost considerations.
ans ✔✨---Forensic readiness
A document that must be signed by those who obtain access to a piece of evidence. ans ✔✨---
Chain of custody document
A tool that allows an investigator to review or process information in a Windows environment without
relying on the Windows API. ans ✔✨---EnCase
A setup designed to connect to an organization's network switch with a random name and hidden SSID.
ans ✔✨---Unauthorized wireless access point
Create a backdoor that a perpetrator can use by connecting wirelessly to the network ans ✔✨---
Backdoor
Jam the wireless signals to stop all legitimate traffic from using the wireless network ans ✔✨---
Jamming
Activate the wireless cards in the laptops of victims to gain access to their data and network
ans ✔✨---Wireless Card Activation
Transmit high-power signals that force users to connect to the rogue wireless network ans ✔✨---
Rogue Wireless Network
Which web-based application attack corrupts the execution stack of a web application? ans ✔✨---
Buffer Overflow
Which file extension should the investigator search for to find the archived message on the server?
ans ✔✨---Archived Message File Extension
.EDB ans ✔✨---.EDB
