WGU - C702 - March 2023 Questions and Answers

WGU - C702 - March 2023 Questions and Answers What are the types of cybercrime investigation approaches? Civil Criminal Administrative Punative Describe civil cybercrime investigation ... Describe Criminal cybercrime investigation ... Describe administrative cybercrime investigation ... Describe Punitive cybercrime investigation ... What type of cybercrime investigation is being used when warnings for policy violations are performed? Administrative cybercrime investigation What is Enterprise Theory of Investigation? It applies a holistic approach toward any criminal activity as a criminal operation What is the Racketeering Influenced and Corrupt Organizations Act ... What is Law Enforcement Cyber Incident Reporting ... What is Evidence Examination ... What does a forensic investigator need to obtain before seizing a computer in a criminal case? A court warrant What is a chain of custody document? ... Permission ... Crime report ... How do you check to see if an application was ever installed on a computer? the logs Penetration Test ... Describe Risk Analysis ... Security review ... What characteristic describes an orgs forensic readiness in the context of cybercrimes? It includes cost considerations Who must sign a chain of custody document? Everyone who obtains access to the item Mailbombing ... What forensic step includes duplicating and imagine the digital evidence? acquiring data forensic step securing evidence ... forensic step analyzing data ... forensic step assessing evidence ... What is the last step in an investigation that requires a forensic investigator? Testifying in court How can you determine if an android phone is on without changing evidence or interacting with the operating system? Look for blinking lights What is an alternative to a faraday bag? Aluminum foil What determines if a technology used by the government to obtain information in a computer search is considered innovative and requires a search warrant? Whether the technology is available to the public In what situation can evidence be seized without a search warrant? The evidence is in immediate danger What legal document contains a summary of findings and is used to prosecute? Investigation Report What does a search warrant include? ... What is search and seizure? ... What is on a chain of custody document? ... What does a faraday bag do? It stops signals from getting to a device inside it Describe ethical behavior when an investigator is testifying Providing and explaining facts. Nothing more, nothing less. Describe the 4th ammendment ... Describe the Stored Communications Act ... Describe the Federal Rules of Evidence ... Describe Net Neutrality Bill ... Where are system logs found on a mac? /var/log/ What are found at /var/log/? Mac system files What are found at /var/audit? ... What tool can you use to view data from Linux kernal ring buffers? dmesg What does the dmesg command do? It allows the viewing of Linux kernal ring buffers and other system files What does fsck do? ... Describe the tool Quick Recovery ... Describe the tool Handy Recovery ... Describe the tool EaseUS Data Recovery You can use it to find Adobe PDF files in a bit-stream copy of a harddrive that has been reformatted Describe the tool Stellar Data Recovery ... What are important hexidecimal values? ... What does 0xFFD8 represent? JPEG images What does 0x424D represent? ... What does 0xD0CF11E0A1B11AE1 represent? ... What does 0x504B600 represent? ... What does whitespace steganography mean? ... What does folder steganography mean? Allows a person to physically move a file but keep the associated files in their original place for recovery What does image steganography mean? embedding data in an image What does web steganography mean? ... Describe stego-only ... Describe known-stego ... Describe known-message When the text and output image are known but the algo isn't Describe chosen-message When the text is chosen and used to determine the algo used to hide it in an image What system does DaveGrohl target? OSX What is DaveGrohl? An OSX password cracker Describe what cain and able is and what systems it works on ... Describe what l0phtcrack is and what systems it works on ... Describe what Ophcrack is and what systems it works on ... Describe what Kibana is and what systems it works on ... Describe what OSSEC is and what systems it works on ... Describe what syslog-ng is and what systems it works on ... Describe what wireshark is and what systems it works on ... Describe what EnCase is and what systems it works on It allows you to review or process information in windows without the window api Describe what netstat is and what systems it works on ... Describe what dd is and what systems it works on ... Describe what LogMeister is and what systems it works on ... What web-based app attack corrupts the execution stack of a web app? BufferOverflow Describe a bufferoverflow ... Describe cookie poisoning ... Describe SQL injection Using non-validated SQL requests to access data not intended to be accessed. Usually includes closing the original search query and then writing your own all in the search box Describe Denial of Service When someone purpose overwhelms a computer with too much traffic until it is unable to handle it and crashes or reboots. This blocks legitimate traffic from reaching its intended location and makes network usage nearly impossible. Is generally done by rogue devices such as IOT or insecure computers