Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

WGU C702/ CHFI | Final Exam Review Questions with complete solutions: Accuracy-Checked and Up-To-Date for 2025/2026

Rating
-
Sold
-
Pages
129
Grade
A+
Uploaded on
16-08-2025
Written in
2025/2026

A computer forensic report is a report which provides detailed information on the complete forensics’ investigation process. A. True B. False - correct answer: A When collecting evidence from the RAM, where do you look for data? A. Swap file B. SAM file C. Data file D. Log file - correct answer: A Which of the following Steganography techniques allows you to encode information that ensures creation of cover for secret communication? A. Substitution techniques B. Transform domain techniques C. Cover generation techniques D. Spread spectrum techniques - correct answer: C Router log files provide detailed Information about the network traffic on the Internet. It gives information about the attacks to and from the networks. The router stores log files in the____________. A. Router cache B. Application logs C. IDS logs D. Audit logs - correct answer: A When NTFS Is formatted, the format program assigns the __________ sectors to the boot sectors and to the bootstrap code. A. First 12 B. First 16 C. First 22 D. First 24 - correct answer: B Smith, as a part his forensic investigation assignment, has seized a mobile device. He was asked to recover the Subscriber Identity Module (SIM card) data the mobile device. Smith found that the SIM was protected by a Personal identification Number (PIN) code but he was also aware that people generally leave the PIN numbers to the defaults or use easily guessable numbers such as 1234. He unsuccessfully tried three PIN numbers that blocked the SIM card. What Jason can do in this scenario to reset the PIN and access SIM data? A. He should contact the device manufacturer for a Temporary Unlock Code (TUK) to gain access to the SIM B. He cannot access the SIM data in this scenario as the network operators or device manufacturers have no idea about a device PIN C. He should again attempt PIN guesses after a time of 24 hours D. He should ask the network operator for Personal Unlock Number (PUK) to gain access to the SIM - correct answer: D Injection flaws are web application vulnerabilities that allow untrusted data to be Interpreted and executed as part of a command or query. Attackers exploit injection flaws by constructing malicious commands or queries that result in data loss or corruption, lack of accountability, or denial of access. Which of the following injection flaws involves the injection of malicious code through a web application? A. SQL Injection B. Password brute force C. Nmap Scanning D. Footprinting - correct answer: A How do you define Technical Steganography? A. Steganography that uses physical or chemical means to hide the existence of a message B. Steganography that utilizes written natural language to hide the message in the carrier in some non-obvious ways C. Steganography that utilizes written JAVA language to hide the message in the carrier in some non-obvious ways D. Steganography that utilizes visual symbols or signs to hide secret messages - correct answer: A Which of the following statements is not a part of securing and evaluating electronic crime scene checklist? A. Locate and help the victim B. Transmit additional flash messages to other responding units C. Request additional help at the scene if needed D. Blog about the incident on the internet - correct answer: D BMP (Bitmap) is a standard file format for computers running the Windows operating system. BMP images can range from black and white (1 bit per pixel) up to 24 bit color (16.7 million colors). Each bitmap file contains header, the RGBQUAD array, information header, and image data. Which of the following element specifies the dimensions, compression type, and color format for the bitmap? A. Header B. The RGBQUAD array C. Information header D. Image data - correct answer: B Data files from original evidence should be used for forensics analysis A. True B. False - correct answer: B Event correlation is a procedure that is assigned with a new meaning for a set of events that occur in a predefined interval of time. Which type of correlation will you use if your organization wants to use different OS and network hardware platforms throughout the network? A. Same-platform correlation B. Cross-platform correlation C. Multiple-platform correlation D. Network-platform correlation - correct answer: B

Show more Read less
Institution
WGU C702/ CHFI
Course
WGU C702/ CHFI

Content preview

WGU C702/ CHFI | Final Exam Review Questions with
complete solutions: Accuracy-Checked and Up-To-
Date for 2025/2026

A computer forensic report is a report which provides detailed information on the
complete forensics’ investigation process.
A. True
B. False - correct answer: A


When collecting evidence from the RAM, where do you look for data?
A. Swap file
B. SAM file
C. Data file
D. Log file - correct answer: A


Which of the following Steganography techniques allows you to encode information that
ensures creation of cover for secret communication?
A. Substitution techniques
B. Transform domain techniques
C. Cover generation techniques
D. Spread spectrum techniques - correct answer: C


Router log files provide detailed Information about the network traffic on the Internet. It
gives information about the attacks to and from the networks. The router stores log files
in the____________.
A. Router cache
B. Application logs
C. IDS logs
D. Audit logs - correct answer: A

,When NTFS Is formatted, the format program assigns the __________ sectors to the
boot sectors and to the bootstrap code.
A. First 12
B. First 16
C. First 22
D. First 24 - correct answer: B


Smith, as a part his forensic investigation assignment, has seized a mobile device. He
was asked to recover the Subscriber Identity Module (SIM card) data the mobile device.
Smith found that the SIM was protected by a Personal identification Number (PIN) code
but he was also aware that people generally leave the PIN numbers to the defaults or
use easily guessable numbers such as 1234. He unsuccessfully tried three PIN
numbers that blocked the SIM card. What Jason can do in this scenario to reset the PIN
and access SIM data?
A. He should contact the device manufacturer for a Temporary Unlock Code (TUK) to
gain access to the SIM
B. He cannot access the SIM data in this scenario as the network operators or device
manufacturers have no idea about a device PIN
C. He should again attempt PIN guesses after a time of 24 hours
D. He should ask the network operator for Personal Unlock Number (PUK) to gain
access to the SIM - correct answer: D


Injection flaws are web application vulnerabilities that allow untrusted data to be
Interpreted and executed as part of a command or query. Attackers exploit injection
flaws by constructing malicious commands or queries that result in data loss or
corruption, lack of accountability, or denial of access. Which of the following injection
flaws involves the injection of malicious code through a web application?
A. SQL Injection
B. Password brute force
C. Nmap Scanning
D. Footprinting - correct answer: A

,How do you define Technical Steganography?
A. Steganography that uses physical or chemical means to hide the existence of a
message
B. Steganography that utilizes written natural language to hide the message in the
carrier in some non-obvious ways
C. Steganography that utilizes written JAVA language to hide the message in the carrier
in some non-obvious ways
D. Steganography that utilizes visual symbols or signs to hide secret messages -
correct answer: A


Which of the following statements is not a part of securing and evaluating electronic
crime scene checklist?
A. Locate and help the victim
B. Transmit additional flash messages to other responding units
C. Request additional help at the scene if needed
D. Blog about the incident on the internet - correct answer: D


BMP (Bitmap) is a standard file format for computers running the Windows operating
system. BMP images can range from black and white (1 bit per pixel) up to 24 bit color
(16.7 million colors). Each bitmap file contains header, the RGBQUAD array,
information header, and image data. Which of the following element specifies the
dimensions, compression type, and color format for the bitmap?
A. Header
B. The RGBQUAD array
C. Information header
D. Image data - correct answer: B


Data files from original evidence should be used for forensics analysis
A. True
B. False - correct answer: B

, Event correlation is a procedure that is assigned with a new meaning for a set of events
that occur in a predefined interval of time. Which type of correlation will you use if your
organization wants to use different OS and network hardware platforms throughout the
network?
A. Same-platform correlation
B. Cross-platform correlation
C. Multiple-platform correlation
D. Network-platform correlation - correct answer: B


Which of the following steganography types hides the secret message in a specifically
designed pattern on the document that is unclear to the average reader?
A. Open code steganography
B. Visual semagrams steganography
C. Text semagrams steganography
D. Technical steganography - correct answer: A


Network forensics allows Investigators to inspect network traffic and logs to identify and
locate the attack system. Network forensics can reveal: (Select three answers)
A. Source of security incidents and network attacks
B. Path of the attack
C. Intrusion techniques used by attackers
D. Hardware configuration of the attacker's system - correct answer: A,B,C


Windows Security Accounts Manager (SAM) is a registry file which stores passwords in
a hashed format. SAM file in Windows is located at:
A. C:\windows\system32\config\SAM
B. C:\windows\system32\con\SAM
C. C:\windows\system32\Boot\SAM
D. C:\windows\system32\drivers\SAM - correct answer: A

Written for

Institution
WGU C702/ CHFI
Course
WGU C702/ CHFI

Document information

Uploaded on
August 16, 2025
Number of pages
129
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$12.99
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
KieranKent55 NONE
View profile
Follow You need to be logged in order to follow users or courses
Sold
43
Member since
2 year
Number of followers
18
Documents
6482
Last sold
4 months ago

3.6

9 reviews

5
4
4
1
3
2
2
0
1
2

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions