C702 - CHFI Exam | Questions with 100% Correct Answers | Graded A+
Which of the following is a computer-created source of potential evidence?
A. Spreadsheet
B. Bookmarks
C. Steganography
D. Swap file - ✔D. Swap file
Ref: Module 1, page 39
Which of the following is not where potential evidence may be located?
A. Smart card
B. Digital camera
C. Thumb drive
D. Processor - ✔D. Processor
Ref: Module 1, pages 37-38
Under which of the following conditions will duplicate evidence not suffice?
A. When original evidence is in possession of a third party
B. When original evidence is destroyed in the normal course of business
C. When original evidence is in possession of the originator
D. When original evidence is destroyed due to fire or flood - ✔C. When original evidence is in possession of the originator
Ref: Module 1, page 42
Which of the following Federal Rules of Evidence contains Rulings on Evidence?
A. Rule 103
B. Rule 102
C. Rule 101
D. Rule 105 - ✔A. Rule 103
Ref: Module 1, page 46
Which of the following Federal Rules of Evidence ensures that the truth may be ascertained and
the proceedings justly determined?
A. Rule 103
B. Rule 105
C. Rule 102
D. Rule 101 - ✔C. Rule 102
Ref: Module 1, page 46
Which of the following Federal Rules of Evidence governs proceedings in the courts of
the United States?
A. Rule 102
B. Rule 103
C. Rule 105
D. Rule 101 - ✔D. Rule 101
Ref: Module 1, page 45
Which of the following Federal Rules of Evidence states that the court shall restrict the
evidence to its proper scope and instruct the jury accordingly?
A. Rule 105
B. Rule 102
C. Rule 103
D. Rule 101 - ✔A. Rule 105
Ref: Module 1, page 47
Which of the following answers refers to a set of methodological procedures and techniques
to identify, gather, preserve, extract, interpret, document, and present evidence from
computing equipment in such a manner that the discovered evidence is acceptable during a
legal and/or administrative proceeding in a court of law?
A. Disaster recovery
B. Computer forensics
C. Incident handling
D. Network analysis - ✔B. Computer forensics
Ref: Module 1, page 19
Minimizing the tangible and intangible losses to the organization or an individual is considered
an essential computer forensics use.
A. True
B. False - ✔A. True
Ref: Module 1, page 19
Cybercrimes can be classified into the following two types of attacks, based on the line of attack.
A. Fraud and spam
B. Internal and external
C. Phishing and malware - ✔B. Internal and external
Ref: Module 1, pages 25-26
Espionage, theft of intellectual property, manipulation of records, and Trojan horse attacks are
examples of what?
A. Insider attacks or primary threats
B. Outsider attacks or secondary threats
C. Outsider attacks or primary threats
D. Insider attacks or secondary threats - ✔A. Insider attacks or primary threats
Ref: Module 1, page 26
External attacks occur when there are inadequate information-security policies and procedures.
A. False
B. True - ✔B. True
Ref: Module 1, page 26
Which type of case involves disputes between two parties?
A. Civil
B. Administrative
C. Investigative
D. Criminal - ✔A. Civil
Ref: Module 1, page 31
A computer forensic examiner can investigate any crime as long as he or she takes detailed
notes and follows the appropriate processes.
A. True
B. False - ✔B. False
Ref: Module 1, page 83
________ is the standard investigative model used by the FBI when conducting investigations
against major criminal organizations.
A. Enterprise Theory of Investigation (ETI)
B. Entrepreneur Theory of Investigation
C. Both Enterprise Theory of Investigation (ETI) and Entrepreneur Theory of Investigation - ✔A. Enterprise Theory of Investigation (ETI)
Ref: Module 1, page 34