WGU C702 - FORENSICS AND
NETWORK INTRUSION QUESTIONS
& ANSWERS(RATED A+)
Computer Forensics - ANSWERA set of methodological procedures and techniques
that help identify, gather, preserve, extract, interpret, document, and present
evidence from computing equipment, such that any discovered evidence is
acceptable during a legal and/or administrative proceeding.
Forensic Investigators - ANSWERTrained professionals who extract,
analyze/investigate, and report crimes that either target technology or use it as a tool
to commit a crime.
Objectives of Computer Forensics - ANSWER1. Identify, gather, and preserve the
evidence of a cybercrime
2. Track and prosecute the perpetrators in a court of law
3. Interpret, document, and present the evidence such that it is admissible during
prosecution
4. Estimate the potential impact of malicious activity on the victim and assess the
intent of the perpetrator
5. Find vulnerabilities and security loopholes that help attackers
6. Understand the techniques and methods used by attackers to avert prosecution
and overcome them
7. Recover deleted files, hidden files, and temporary data that can be used as
evidence
8. Perform incident response (IR) to prevent further loss of intellectual property,
finances, and reputation during an attack
9. Know the laws of various regions and areas, as digital crimes are widespread and
remote
10. Know the process of handling multiple platforms, data types, and operating
systems
11. Learn to identify and use the appropriate tools for forensic investigations
The Main Role of Computer Forensics - ANSWER1. Ensure the overall integrity and
the continued existence of an organization's computer system and network
infrastructure
, 2. Help the organization capture important information if their computer systems or
networks are compromised. Forensic evidence also helps prosecute the perpetrator
of a cybercrime, if caught.
3. Extract, process, and interpret the actual evidence so that it proves the attacker's
actions and their guilt or innocence in court
4. Efficiently track down perpetrators/terrorists from different parts of the world.
Terrorists who use the Internet as a communication medium can be tracked down,
and their plans can be discovered. IP addresses are vital to finding the geographical
location of the terrorists.
5. Save the organization's money and valuable time. Many managers allocate a
large portion of their IT budget for computer and network security.
6. Track complex cases such as email spamming and other nefarious activities, etc.
Why should computer forensics be used? - ANSWER1. Prepare for incidents in
advance to ensure the integrity and continuity of network infrastructure
2. Identify and gather evidence of cybercrimes in a forensically sound manner
3. Offer ample protection to data resources and ensure regulatory compliance
4. Protect the organization from similar incidents in the future
5. Help counteract online crimes such as abuse, bullying, and reputation damage
6. Minimize the tangible and intangible losses to an organization or an individual
7. Support the prosecution of the perpetrator of a cybercrime
When should computer forensics be used? - ANSWER1. Prepare for incidents by
securing and strengthening the defense mechanism as well as closing the loopholes
in security
2. Gaining knowledge of the regulations related to cyber laws and comply with them
3. Report incidents involving a breach of cybersecurity
4. Identify the actions needed for incident response
5. Act against copyright and intellectual property theft/misuse
6. Settle disputes among employees or between the employer and employees
7. Estimate and minimize the damage to resources in a corporate setup
NETWORK INTRUSION QUESTIONS
& ANSWERS(RATED A+)
Computer Forensics - ANSWERA set of methodological procedures and techniques
that help identify, gather, preserve, extract, interpret, document, and present
evidence from computing equipment, such that any discovered evidence is
acceptable during a legal and/or administrative proceeding.
Forensic Investigators - ANSWERTrained professionals who extract,
analyze/investigate, and report crimes that either target technology or use it as a tool
to commit a crime.
Objectives of Computer Forensics - ANSWER1. Identify, gather, and preserve the
evidence of a cybercrime
2. Track and prosecute the perpetrators in a court of law
3. Interpret, document, and present the evidence such that it is admissible during
prosecution
4. Estimate the potential impact of malicious activity on the victim and assess the
intent of the perpetrator
5. Find vulnerabilities and security loopholes that help attackers
6. Understand the techniques and methods used by attackers to avert prosecution
and overcome them
7. Recover deleted files, hidden files, and temporary data that can be used as
evidence
8. Perform incident response (IR) to prevent further loss of intellectual property,
finances, and reputation during an attack
9. Know the laws of various regions and areas, as digital crimes are widespread and
remote
10. Know the process of handling multiple platforms, data types, and operating
systems
11. Learn to identify and use the appropriate tools for forensic investigations
The Main Role of Computer Forensics - ANSWER1. Ensure the overall integrity and
the continued existence of an organization's computer system and network
infrastructure
, 2. Help the organization capture important information if their computer systems or
networks are compromised. Forensic evidence also helps prosecute the perpetrator
of a cybercrime, if caught.
3. Extract, process, and interpret the actual evidence so that it proves the attacker's
actions and their guilt or innocence in court
4. Efficiently track down perpetrators/terrorists from different parts of the world.
Terrorists who use the Internet as a communication medium can be tracked down,
and their plans can be discovered. IP addresses are vital to finding the geographical
location of the terrorists.
5. Save the organization's money and valuable time. Many managers allocate a
large portion of their IT budget for computer and network security.
6. Track complex cases such as email spamming and other nefarious activities, etc.
Why should computer forensics be used? - ANSWER1. Prepare for incidents in
advance to ensure the integrity and continuity of network infrastructure
2. Identify and gather evidence of cybercrimes in a forensically sound manner
3. Offer ample protection to data resources and ensure regulatory compliance
4. Protect the organization from similar incidents in the future
5. Help counteract online crimes such as abuse, bullying, and reputation damage
6. Minimize the tangible and intangible losses to an organization or an individual
7. Support the prosecution of the perpetrator of a cybercrime
When should computer forensics be used? - ANSWER1. Prepare for incidents by
securing and strengthening the defense mechanism as well as closing the loopholes
in security
2. Gaining knowledge of the regulations related to cyber laws and comply with them
3. Report incidents involving a breach of cybersecurity
4. Identify the actions needed for incident response
5. Act against copyright and intellectual property theft/misuse
6. Settle disputes among employees or between the employer and employees
7. Estimate and minimize the damage to resources in a corporate setup
