Axiom Exam Study Guide Questions & Answers 2024/2025

Axiom Exam Study Guide Questions & Answers 2024/2025 When setting up a new case in Magnet AXIOM process, can you specify separate locations for the case files and the evidence files? - ANS-Yes Which types of devices can be imaged using Magnet AXIOM Process? - ANS-Hard Drives, Thumb Drives, iOS Phones, Android phones Is it possible to only scan Volume Shadow Copies from a drive? - ANS-Yes Which option should be used when loading in data from an iOS or Android device? - ANS-Mobile Can Magnet AXIOM Process filter files via hash values? - ANS-Yes What are the two main programs of the AXIOM forensics suite? - ANS-Examine & Process AXIOM will run natively on a Mac computer. - ANS-False AXIOM Process and AXIOM Examine both can be run through a virtual machine. - ANS-True What are the three distinct steps of the forensic process? - ANS-Acquisition or Extraction Processing Analysis You are working a case and want to know if AXIOM supports extracting artifacts from the app Yik Yak. What documentation can you view to determine if Yik Yak is supported? - ANS-Artifact reference What three licensing options are available for the user to license Magnet Forensics AXIOM? - ANS-License Key, Network Server, Axiom USB AXIOM Process allows the user to set up the data for Acquisition (imaging) and Processing in the same single step. - ANS-True When setting up an item of evidence for processing, what two options are available? - ANS-Load Evidence Acquire Evidence During setup for processing, the user can specify the Search Type to be conducted on an item of digital evidence. - ANS-True You can specify that keyword searches be run against either Artifacts or All Content. - ANS-True You suspect that a user has an encrypted mobile backup on their computer. You have a list of ten possible passwords. How should you configure the options for processing the computer to ensure that you get the information from the backups? - ANS-Check "Search Mobile Backups" and then enter each password that you have in the Mobile Backup Passwords box. When using Magnet.AI to categorize chats, the AI analysis is based on individual messages and not on the entire chat conversation. - ANS-False The app Club Penguin is found on a suspect's phone. Through research, you determine that AXIOM does not support the app and that the app stores information in a SQLite database. What option can you select during processing to seek out the Club Penguin database? - ANS-Dynamic App Finder It is possible to add evidence to a case that has already been processed. - ANS-True If the option "Automatically Build Connections" is checked, connections will automatically be built during the first processing of the case but will NOT be built if any additional evidence is added to the case. - ANS-False When in File System view, it is possible to view all sub-folders of the main folder that you are clicked on? - ANS-Yes From the Case Dashboard, you chose the option "Categorize pictures with Magnet.AI." Which of the following options are available for categorization? - ANS-All pictures Which two hash formats does AXIOM use? - ANS-MD5 SHA1 You want to create a full image of a hard drive. Which two image formats are available in AXIOM? - ANS-.E01 and .RAW Since there are substantial differences between computer, mobile, and cloud artifacts, separate AXIOM cases must be created for each type of evidence. - ANS-False Which type of scan is the slowest? - ANS-Sector Level Scan During imaging, is it possible to break the image file created into segments? - ANS-Yes When processing a case, you enable the option to Remove Duplicates. An identical picture file is located in /Downloads and in /Documents/Pictures. Since processing removed duplicates, only one of these files will be available to view in AXIOM Examine. - ANS-False continues...