WGU D431 Digital Forensics in Cybersecurity
OBJECTIVE ASSESSMENT ACTUAL EXAM PREP
2025/2026 COMPLETE QUESTIONS AND VERIFIED
CORRECT SOLUTIONS WITH RATIONALES || 100%
GUARANTEED PASS <LATEST VERSION>
1. Forensics - ANSWER ✔ The process of using scientific knowledge for
collecting, analyzing, and presenting evidence to the courts. Deals primarily
with the recovery and analysis of latent evidence.
2. Expert Report - ANSWER ✔ A formal document that lists the tests you
conducted, what you found, and your conclusions. It also includes your
curriculum vita (CV), is very thorough, and tends to be very long. In most
cases an expert cannot directly testify about anything not in his or her expert
report.
3. Curriculum Vitae (CV) - ANSWER ✔ Like a resume, only much more
thorough and specific to your work experience as a forensic investigator.
4. Deposition - ANSWER ✔ Testimony taken from a witness or party to a case
before a trial; less formal and is typically held in an attorney's office.
5. Digital Evidence - ANSWER ✔ Information that has been processed and
assembled so that it is relevant to an investigation and supports a specific
finding or determination.
6. Chain of Custody - ANSWER ✔ The continuity of control of evidence that
makes it possible to account for all that has happened to evidence between
its original collection and its appearance in court, preferably unaltered.
7. Objectives of Computer Forensics - ANSWER ✔ Recover computer-based
material
Analyze computer-based material
, Present computer-based material
8. The Computer Security Act of 1987 - ANSWER ✔ Passed to improve the
security and privacy of sensitive information in federal computer systems.
The law requires the establishment of minimum acceptable security
practices, creation of computer security plans, and training of system users
or owners of facilities that house sensitive information.
9. The Foreign Intelligence Surveillance Act of 1978 (FISA) - ANSWER ✔ A
law that allows for collection of "foreign intelligence information" between
foreign powers and agents of foreign powers using physical and electronic
surveillance. A warrant is issued by a special court created by this Act for
actions under this Act.
10.The Child Protection and Sexual Predator Punishment Act of 1998 -
ANSWER ✔ Requires service providers that become aware of the storage or
transmission of child pornography to report it to law enforcement.
11.The Children's Online Privacy Protection Act of 1998 (COPPA) - ANSWER
✔ Protects children 13 years of age and under from the collection and use of
their personal information by Web sites. This act replaces the Child Online
Protection Act of 1988 (COPA), which was determined to be
unconstitutional.
12.What is Temporary Data? - ANSWER ✔ Data that an operating system
creates and overwrites without the computer user taking a direct action to
save this data.
13.What are some examples of Volatile Data? - ANSWER ✔ Swap file, State
of Network connections, State of running processes.
14.Swap file, State of Network connections, State of running processes. -
ANSWER ✔ Volatile data, Temporary data, and Persistent data.
15.What are the 3 basic tasks to handling evidence? - ANSWER ✔ Find
evidence, Preserve evidence, Prepare evidence.
,16.What are the principles when gathering evidence? - ANSWER ✔ Avoid
changing the evidence, Determine when evidence was created, Trust only
physical evidence, search throughout the device, present the evidence well.
17.What are the 3 basic tasks related to handling evidence? - ANSWER ✔ Find
evidence, Preserve evidence, and Prepare evidence.
18.What is "file slack" or "slack space"? - ANSWER ✔ The unused space
between the logical end of file and the physical end of file. It is also called
slack space.
19.What is the SWGDE Framework - ANSWER ✔ Collect
Preserve
Examine
Transfer
20.What is the Digital Forensic Research Workshop (DFRWS) Framework? -
ANSWER ✔ Identification
Preservation
Collection
Examination
Analysis
Presentation
21.Disk Forensics - ANSWER ✔ - the process of acquiring and analyzing
information stored on a physical storage media, such as computer hard
drives , smartphones, GPS systems and removable media
- includes both the recovery of hidden and deleted information and the
process of identifying who created a file or message
22.Email Forensics - ANSWER ✔ - the study of the source and content of
email as evidence
- includes the process of identifying the sender, recipient, date, time and
origination or unauthorized activities
, 23.Network Forensics - ANSWER ✔ - the process of examining network
traffic, including transaction logs and real time monitoring using sniffers and
tracing
24.Internet forensics - ANSWER ✔ - the process of piecing together where and
when a user has been on the Internet
- ex you can use to determine whether inappropriate Internet content
access and downloading were accidental
25.Software forensics ( malware forensics) - ANSWER ✔ - the process of
examining malicious computer code
26.Live system forensics - ANSWER ✔ - the process of searching memory in
real time , typically for working with compromised hosts or to identify
system abuse
27.Cell-phone forensics - ANSWER ✔ - the process of searching the contents
of cell phones
28.American Standard Code for Information Interchange (ASCII) - ANSWER
✔ A set of codes defining all the various keystrokes you could make,
including letters, numbers, characters, and even the spacebar and return
keys.
29.Anonymous remailing - ANSWER ✔ The process of sending an email
message to an anonymizer. The anonymizer strips identifying information
from an email message before forwarding it with the anonymous mailing
computer's IP address.
30.Anti-forensics - ANSWER ✔ The actions that perpetrators take to conceal
their locations, activities, or identities.
31.Asymmetric cryptography - ANSWER ✔ Cryptography wherein two keys
are used: one to encrypt the message and another to decrypt it.
32.Asynchronous transfer mode (ATM) - ANSWER ✔ A high-speed
connection technology that uses fixed-length, 53-byte packets called calls.
OBJECTIVE ASSESSMENT ACTUAL EXAM PREP
2025/2026 COMPLETE QUESTIONS AND VERIFIED
CORRECT SOLUTIONS WITH RATIONALES || 100%
GUARANTEED PASS <LATEST VERSION>
1. Forensics - ANSWER ✔ The process of using scientific knowledge for
collecting, analyzing, and presenting evidence to the courts. Deals primarily
with the recovery and analysis of latent evidence.
2. Expert Report - ANSWER ✔ A formal document that lists the tests you
conducted, what you found, and your conclusions. It also includes your
curriculum vita (CV), is very thorough, and tends to be very long. In most
cases an expert cannot directly testify about anything not in his or her expert
report.
3. Curriculum Vitae (CV) - ANSWER ✔ Like a resume, only much more
thorough and specific to your work experience as a forensic investigator.
4. Deposition - ANSWER ✔ Testimony taken from a witness or party to a case
before a trial; less formal and is typically held in an attorney's office.
5. Digital Evidence - ANSWER ✔ Information that has been processed and
assembled so that it is relevant to an investigation and supports a specific
finding or determination.
6. Chain of Custody - ANSWER ✔ The continuity of control of evidence that
makes it possible to account for all that has happened to evidence between
its original collection and its appearance in court, preferably unaltered.
7. Objectives of Computer Forensics - ANSWER ✔ Recover computer-based
material
Analyze computer-based material
, Present computer-based material
8. The Computer Security Act of 1987 - ANSWER ✔ Passed to improve the
security and privacy of sensitive information in federal computer systems.
The law requires the establishment of minimum acceptable security
practices, creation of computer security plans, and training of system users
or owners of facilities that house sensitive information.
9. The Foreign Intelligence Surveillance Act of 1978 (FISA) - ANSWER ✔ A
law that allows for collection of "foreign intelligence information" between
foreign powers and agents of foreign powers using physical and electronic
surveillance. A warrant is issued by a special court created by this Act for
actions under this Act.
10.The Child Protection and Sexual Predator Punishment Act of 1998 -
ANSWER ✔ Requires service providers that become aware of the storage or
transmission of child pornography to report it to law enforcement.
11.The Children's Online Privacy Protection Act of 1998 (COPPA) - ANSWER
✔ Protects children 13 years of age and under from the collection and use of
their personal information by Web sites. This act replaces the Child Online
Protection Act of 1988 (COPA), which was determined to be
unconstitutional.
12.What is Temporary Data? - ANSWER ✔ Data that an operating system
creates and overwrites without the computer user taking a direct action to
save this data.
13.What are some examples of Volatile Data? - ANSWER ✔ Swap file, State
of Network connections, State of running processes.
14.Swap file, State of Network connections, State of running processes. -
ANSWER ✔ Volatile data, Temporary data, and Persistent data.
15.What are the 3 basic tasks to handling evidence? - ANSWER ✔ Find
evidence, Preserve evidence, Prepare evidence.
,16.What are the principles when gathering evidence? - ANSWER ✔ Avoid
changing the evidence, Determine when evidence was created, Trust only
physical evidence, search throughout the device, present the evidence well.
17.What are the 3 basic tasks related to handling evidence? - ANSWER ✔ Find
evidence, Preserve evidence, and Prepare evidence.
18.What is "file slack" or "slack space"? - ANSWER ✔ The unused space
between the logical end of file and the physical end of file. It is also called
slack space.
19.What is the SWGDE Framework - ANSWER ✔ Collect
Preserve
Examine
Transfer
20.What is the Digital Forensic Research Workshop (DFRWS) Framework? -
ANSWER ✔ Identification
Preservation
Collection
Examination
Analysis
Presentation
21.Disk Forensics - ANSWER ✔ - the process of acquiring and analyzing
information stored on a physical storage media, such as computer hard
drives , smartphones, GPS systems and removable media
- includes both the recovery of hidden and deleted information and the
process of identifying who created a file or message
22.Email Forensics - ANSWER ✔ - the study of the source and content of
email as evidence
- includes the process of identifying the sender, recipient, date, time and
origination or unauthorized activities
, 23.Network Forensics - ANSWER ✔ - the process of examining network
traffic, including transaction logs and real time monitoring using sniffers and
tracing
24.Internet forensics - ANSWER ✔ - the process of piecing together where and
when a user has been on the Internet
- ex you can use to determine whether inappropriate Internet content
access and downloading were accidental
25.Software forensics ( malware forensics) - ANSWER ✔ - the process of
examining malicious computer code
26.Live system forensics - ANSWER ✔ - the process of searching memory in
real time , typically for working with compromised hosts or to identify
system abuse
27.Cell-phone forensics - ANSWER ✔ - the process of searching the contents
of cell phones
28.American Standard Code for Information Interchange (ASCII) - ANSWER
✔ A set of codes defining all the various keystrokes you could make,
including letters, numbers, characters, and even the spacebar and return
keys.
29.Anonymous remailing - ANSWER ✔ The process of sending an email
message to an anonymizer. The anonymizer strips identifying information
from an email message before forwarding it with the anonymous mailing
computer's IP address.
30.Anti-forensics - ANSWER ✔ The actions that perpetrators take to conceal
their locations, activities, or identities.
31.Asymmetric cryptography - ANSWER ✔ Cryptography wherein two keys
are used: one to encrypt the message and another to decrypt it.
32.Asynchronous transfer mode (ATM) - ANSWER ✔ A high-speed
connection technology that uses fixed-length, 53-byte packets called calls.
