CTC 328 Quiz 1, 2, 3, 4, 5, 6 Exam 2025
Questions and Answers
Digital Evidence First Responder - ANS After a judge approves and signs a search warrant, the
_______ is responsible for the collection of evidence as defined by the warrant.
Remote access software - ANS _______ is not recommended for a digital forensics
workstation.
False - ANS According to the National Institute of Standards and Technology (NIST), digital
forensics involves scientifically examining and analyzing data from computer storage media so
that it can be used as evidence in court.
Data recovery - ANS _______ is not one of the functions of the investigations triad.
repeatable findings - ANS Within a computing investigation, the ability to perform a series of
steps again and again to produce the same results is known as _______.
True - ANS Most digital investigations in the private sector involve misuse of computing
assets.
Share evidence with experts outside of the investigation. - ANS Which option below is not a
standard systems analysis step?
Pg. 1 Copyright © 2025 Jasonmcconell. ALL RIGHTS RESERVED.
, Digital Evidence Specialist - ANS The _______ is responsible for analyzing data and
determining when another specialist should be called in to assist with analysis.
industrial espionage - ANS The sale of sensitive or confidential company information to a
competitor is known as _______.
True - ANS If you turn evidence over to law enforcement and begin working under their
direction, you have become an agent of law enforcement, and are subject to the same
restrictions on search and seizure as a law enforcement agent.
False - ANS All suspected industrial espionage cases should be treated as civil case
investigations.
Exhibits - ANS _______ must be included in an affidavit to support an allegation in order to
justify a warrant.
ILook - ANS What tool, currently maintained by the IRS Criminal Investigation Division and
limited to use by law enforcement, can analyze and read special files that are copies of a disk?
evidence custody form - ANS A chain-of-evidence form, which is used to document what has
and has not been done with the original evidence and forensic copies of the evidence, is also
known as a(n) _______.
MS-DOS 6.22 - ANS Which Microsoft OS below is the least intrusive to disks in terms of
changing data?
Police Blotter - ANS The term _______ describes a database containing informational records
about crimes that have been committed previously by a criminal.
Civil Suit - ANS The _______ is not one of the three stages of a typical criminal case.
Pg. 2 Copyright © 2025 Jasonmcconell. ALL RIGHTS RESERVED.
Questions and Answers
Digital Evidence First Responder - ANS After a judge approves and signs a search warrant, the
_______ is responsible for the collection of evidence as defined by the warrant.
Remote access software - ANS _______ is not recommended for a digital forensics
workstation.
False - ANS According to the National Institute of Standards and Technology (NIST), digital
forensics involves scientifically examining and analyzing data from computer storage media so
that it can be used as evidence in court.
Data recovery - ANS _______ is not one of the functions of the investigations triad.
repeatable findings - ANS Within a computing investigation, the ability to perform a series of
steps again and again to produce the same results is known as _______.
True - ANS Most digital investigations in the private sector involve misuse of computing
assets.
Share evidence with experts outside of the investigation. - ANS Which option below is not a
standard systems analysis step?
Pg. 1 Copyright © 2025 Jasonmcconell. ALL RIGHTS RESERVED.
, Digital Evidence Specialist - ANS The _______ is responsible for analyzing data and
determining when another specialist should be called in to assist with analysis.
industrial espionage - ANS The sale of sensitive or confidential company information to a
competitor is known as _______.
True - ANS If you turn evidence over to law enforcement and begin working under their
direction, you have become an agent of law enforcement, and are subject to the same
restrictions on search and seizure as a law enforcement agent.
False - ANS All suspected industrial espionage cases should be treated as civil case
investigations.
Exhibits - ANS _______ must be included in an affidavit to support an allegation in order to
justify a warrant.
ILook - ANS What tool, currently maintained by the IRS Criminal Investigation Division and
limited to use by law enforcement, can analyze and read special files that are copies of a disk?
evidence custody form - ANS A chain-of-evidence form, which is used to document what has
and has not been done with the original evidence and forensic copies of the evidence, is also
known as a(n) _______.
MS-DOS 6.22 - ANS Which Microsoft OS below is the least intrusive to disks in terms of
changing data?
Police Blotter - ANS The term _______ describes a database containing informational records
about crimes that have been committed previously by a criminal.
Civil Suit - ANS The _______ is not one of the three stages of a typical criminal case.
Pg. 2 Copyright © 2025 Jasonmcconell. ALL RIGHTS RESERVED.
