C840 - PT3 test |Questions Solved 100% Correct
Which starting-point forensic certification covers the general principles and techniques
of forensics, but not specific tools such as EnCase or FTK? - Ans EC Council Certified
Hacking Forensic Investigator
This forensic certification is open to both the public and private sectors and is specific to the
use and mastery of FTK. Requirements for taking the exam include completing the boot
camp and Windows forensic courses. - Ans AccessData Certified Examiner
Which of the following is the definition of hash? - Ans a function that is nonreversible,
takes variable-length input, produces fixed-length output, and has few or no collisions
What is meant by temporary data? - Ans data that an operating system creates and overwrites
without the computer user taking a direct action to save this data
The area of a hard drive that has never been allocated for file storage is the definition of
__________. - Ans unallocated space
Which of the following is the definition of steganalysis? - Ans the determination of whether
a file or communication hides other information
What name is given to the art and science of writing hidden messages? - Ans steganography
Which of the following use microchips that retain data in non-volatile memory chips and
contain no moving parts? - Ans SSDs
Blu-ray discs are the successor to the DVD and store up to __________ per layer. - Ans 25GB
, The U.S. Internal Revenue Service (IRS) invented the __________ proprietary file format used
by the iLook tool, which is restricted to law enforcement and government use only. -
Ans IXimager
__________ is the data to be covertly communicated. In other words, it is the message you
want to hide. - Ans Payload
The __________ cipher is the simplest single-alphabet substitution cipher. It is really just a
permutation of the Caesar cipher. All characters are rotated 13 characters through
the alphabet. - Ans ROT13
__________ is cryptography wherein two keys are used: one to encrypt the message and
another to decrypt it. - Ans asymmetric cryptography
What name is given to a method of attacking polyalphabetic substitution ciphers? This method
can be used to deduce the length of the keyword used in a polyalphabetic substitution cipher. -
Ans Kasiski examination
Those methods where the same key is used to encrypt and decrypt the plaintext is
the definition of: - Ans symmetric cryptography
The method of changing some part of the plaintext for some matching part of ciphertext in
cryptography is known as? - Ans substitution
There are two fundamental files that are part of NTFS that are of most interest. These are
the Master File Table (MFT), and the __________. - Ans cluster bitmap
The Linux/UNIX command __________ can be used to search for files, contents of files, and just
about anything else. - Ans grep
A popular Linux/UNIX search tool is: - Ans grep
Which starting-point forensic certification covers the general principles and techniques
of forensics, but not specific tools such as EnCase or FTK? - Ans EC Council Certified
Hacking Forensic Investigator
This forensic certification is open to both the public and private sectors and is specific to the
use and mastery of FTK. Requirements for taking the exam include completing the boot
camp and Windows forensic courses. - Ans AccessData Certified Examiner
Which of the following is the definition of hash? - Ans a function that is nonreversible,
takes variable-length input, produces fixed-length output, and has few or no collisions
What is meant by temporary data? - Ans data that an operating system creates and overwrites
without the computer user taking a direct action to save this data
The area of a hard drive that has never been allocated for file storage is the definition of
__________. - Ans unallocated space
Which of the following is the definition of steganalysis? - Ans the determination of whether
a file or communication hides other information
What name is given to the art and science of writing hidden messages? - Ans steganography
Which of the following use microchips that retain data in non-volatile memory chips and
contain no moving parts? - Ans SSDs
Blu-ray discs are the successor to the DVD and store up to __________ per layer. - Ans 25GB
, The U.S. Internal Revenue Service (IRS) invented the __________ proprietary file format used
by the iLook tool, which is restricted to law enforcement and government use only. -
Ans IXimager
__________ is the data to be covertly communicated. In other words, it is the message you
want to hide. - Ans Payload
The __________ cipher is the simplest single-alphabet substitution cipher. It is really just a
permutation of the Caesar cipher. All characters are rotated 13 characters through
the alphabet. - Ans ROT13
__________ is cryptography wherein two keys are used: one to encrypt the message and
another to decrypt it. - Ans asymmetric cryptography
What name is given to a method of attacking polyalphabetic substitution ciphers? This method
can be used to deduce the length of the keyword used in a polyalphabetic substitution cipher. -
Ans Kasiski examination
Those methods where the same key is used to encrypt and decrypt the plaintext is
the definition of: - Ans symmetric cryptography
The method of changing some part of the plaintext for some matching part of ciphertext in
cryptography is known as? - Ans substitution
There are two fundamental files that are part of NTFS that are of most interest. These are
the Master File Table (MFT), and the __________. - Ans cluster bitmap
The Linux/UNIX command __________ can be used to search for files, contents of files, and just
about anything else. - Ans grep
A popular Linux/UNIX search tool is: - Ans grep
