WGU C702
WGU C702 CHFI and OA Exam Study
Questions with Correct Answers
Graded A+ 2026
1
Which of the following is true regarding computer forensics?
Computer forensics deals with the process of finding evidence related to a
digital crime to find the culprits and initiate legal action against them.
2
Which of the following is NOT a objective of computer forensics?
Document vulnerabilities allowing further loss of intellectual property,
finances, and reputation during an attack.
3
Which of the following is true regarding Enterprise Theory of Investigation
(ETI)?
It adopts a holistic approach toward any criminal activity as a criminal
operation rather as a single criminal act.
4
Forensic readiness refers to:
An organization's ability to make optimal use of digital evidence in a limited
time period and with minimal investigation costs.
5
Which of the following is NOT a element of cybercrime?
Evidence smaller in size.
6
Which of the following is true of cybercrimes?
Investigators, with a warrant, have the authority to forcibly seize the
computing devices.
WGU C702
,WGU C702
7
Which of the following is true of cybercrimes?
The initial reporting of the evidence is usually informal.
8
Which of the following is NOT a consideration during a cybercrime
investigation?
Value or cost to the victim.
9
Which of the following is a user-created source of potential evidence?
Address book.
10
Which of the following is a computer-created source of potential evidence?
Swap file.
11
Which of the following is NOT where potential evidence may be located?
Processor.
12
Under which of the following conditions will duplicate evidence NOT suffice?
When original evidence is in possession of the originator.
13
Which of the following Federal Rules of Evidence governs proceedings in the
courts of the United States?
Rule 101.
14
Which of the following Federal Rules of Evidence ensures that the truth may
be ascertained and the proceedings justly determined?
Rule 102.
WGU C702
,WGU C702
15
Which of the following Federal Rules of Evidence contains rulings on
evidence?
Rule 103
16
Which of the following Federal Rules of Evidence states that the court shall
restrict the evidence to its proper scope and instruct the jury accordingly?
Rule 105
17
Which of the following refers to a set of methodological procedures and
techniques to identify, gather, preserve, extract, interpret, document, and
present evidence from computing equipment in such a manner that the
discovered evidence is acceptable during a legal and/or administrative
proceeding in a court of law?
Computer Forensics.
18
Computer Forensics deals with the process of finding _____ related to a
digital crime to find the culprits and initiate legal action against them.
Evidence.
19
Minimizing the tangible and intangible losses to the organization or an
individual is considered an essential computer forensics use.
True.
20
Cybercrimes can be classified into the following two types of attacks, based on
the line of attack.
Internal and External.
21
WGU C702
, WGU C702
Espionage, theft of intellectual property, manipulation of records, and trojan
horse attacks are examples of what?
Insider attack or primary attacks.
22
External attacks occur when there are inadequate information-security
policies and procedures.
True.
23
Which type of cases involve disputes between two parties?
Civil.
24
A computer forensic examiner can investigate any crime as long as he or she
takes detailed notes and follows the appropriate processes.
False.
25
________ is the standard investigative model used by the FBI when
conducting investigations against major criminal organizations.
Enterprise Theory of Investigation (ETI).
26
Forensic readiness includes technical and nontechnical actions that maximize
an organization's competence to use digital evidence.
True.
27
Which of the following is the process of developing a strategy to address the
occurrence of any security breach in the system or network?
Incident Response.
28
Digital devices store data about session such as user and type of connection.
WGU C702
WGU C702 CHFI and OA Exam Study
Questions with Correct Answers
Graded A+ 2026
1
Which of the following is true regarding computer forensics?
Computer forensics deals with the process of finding evidence related to a
digital crime to find the culprits and initiate legal action against them.
2
Which of the following is NOT a objective of computer forensics?
Document vulnerabilities allowing further loss of intellectual property,
finances, and reputation during an attack.
3
Which of the following is true regarding Enterprise Theory of Investigation
(ETI)?
It adopts a holistic approach toward any criminal activity as a criminal
operation rather as a single criminal act.
4
Forensic readiness refers to:
An organization's ability to make optimal use of digital evidence in a limited
time period and with minimal investigation costs.
5
Which of the following is NOT a element of cybercrime?
Evidence smaller in size.
6
Which of the following is true of cybercrimes?
Investigators, with a warrant, have the authority to forcibly seize the
computing devices.
WGU C702
,WGU C702
7
Which of the following is true of cybercrimes?
The initial reporting of the evidence is usually informal.
8
Which of the following is NOT a consideration during a cybercrime
investigation?
Value or cost to the victim.
9
Which of the following is a user-created source of potential evidence?
Address book.
10
Which of the following is a computer-created source of potential evidence?
Swap file.
11
Which of the following is NOT where potential evidence may be located?
Processor.
12
Under which of the following conditions will duplicate evidence NOT suffice?
When original evidence is in possession of the originator.
13
Which of the following Federal Rules of Evidence governs proceedings in the
courts of the United States?
Rule 101.
14
Which of the following Federal Rules of Evidence ensures that the truth may
be ascertained and the proceedings justly determined?
Rule 102.
WGU C702
,WGU C702
15
Which of the following Federal Rules of Evidence contains rulings on
evidence?
Rule 103
16
Which of the following Federal Rules of Evidence states that the court shall
restrict the evidence to its proper scope and instruct the jury accordingly?
Rule 105
17
Which of the following refers to a set of methodological procedures and
techniques to identify, gather, preserve, extract, interpret, document, and
present evidence from computing equipment in such a manner that the
discovered evidence is acceptable during a legal and/or administrative
proceeding in a court of law?
Computer Forensics.
18
Computer Forensics deals with the process of finding _____ related to a
digital crime to find the culprits and initiate legal action against them.
Evidence.
19
Minimizing the tangible and intangible losses to the organization or an
individual is considered an essential computer forensics use.
True.
20
Cybercrimes can be classified into the following two types of attacks, based on
the line of attack.
Internal and External.
21
WGU C702
, WGU C702
Espionage, theft of intellectual property, manipulation of records, and trojan
horse attacks are examples of what?
Insider attack or primary attacks.
22
External attacks occur when there are inadequate information-security
policies and procedures.
True.
23
Which type of cases involve disputes between two parties?
Civil.
24
A computer forensic examiner can investigate any crime as long as he or she
takes detailed notes and follows the appropriate processes.
False.
25
________ is the standard investigative model used by the FBI when
conducting investigations against major criminal organizations.
Enterprise Theory of Investigation (ETI).
26
Forensic readiness includes technical and nontechnical actions that maximize
an organization's competence to use digital evidence.
True.
27
Which of the following is the process of developing a strategy to address the
occurrence of any security breach in the system or network?
Incident Response.
28
Digital devices store data about session such as user and type of connection.
WGU C702
