WGUMaster's v
Course C702 -
v v v
Forensics and
v v
Network
v
Intrusion
, WGU Master's Course C702 - Forensics and Network
Intrusion With Complete Solution
A software company suspects that employees have set up automatic corporate email
v v v v v v v v v v v
forwarding to their personal inboxes against company policy. The company hires
v v v v v v v v v v v
forensic investigators to identify the employees violating policy, with the intention of
v v v v v v v v v v v v
issuing warnings to them.
v v v v
Which type of cybercrime investigation approach is this company taking?
v v v v v v v v v
A Civil
v
B Criminal
v
C Administrative
v
D Punitive -CORRECT ANSWER
v v v C
Which model or legislation applies a holistic approach toward any criminal activity as a
v v v v v v v v v v v v v
criminal operation?
v v
A Enterprise Theory of Investigation
v v v v
B Racketeer Influenced and Corrupt Organizations Act
v v v v v v
C Evidence Examination
v v
D Law Enforcement Cyber Incident Reporting -CORRECT ANSWER
v v v v v v v A
What does a forensic investigator need to obtain before seizing a computing device in a
v v v v v v v v v v v v v v
criminal case?
v v
A Court warrant
v v
B Completed crime report
v v v
C Chain of custody document
v v v v
D Plaintiff's permission -CORRECT ANSWER
v v v v A
Which activity should be used to check whether an application has ever been installed
v v v v v v v v v v v v v
on a computer?
v v v
A Penetration test
v v
B Risk analysis
v v
C Log review
v v
D Security review -CORRECT ANSWER
v v v v C
Which characteristic describes an organization's forensic readiness in the context of
v v v v v v v v v v
cybercrimes?
v
A It includes moral considerations.
v v v v
B It includes cost considerations.
v v v v
C It excludes nontechnical actions.
v v v v
, WGU Master's Course C702 - Forensics and Network
Intrusion With Complete Solution
D It excludes technical actions. -CORRECT ANSWER
v v v v v v B
A cybercrime investigator identifies a Universal Serial Bus (USB) memory stick
v v v v v v v v v v
containing emails as a primary piece of evidence.
v v v v v v v v
Who must sign the chain of custody document once the USB stick is in evidence?
v v v v v v v v v v v v v v
A Those who obtain access to the device
v v v v v v v
B Anyone who has ever used the device
v v v v v v v
C Recipients of emails on the device
v v v v v v
D Authors of emails on the device -CORRECT ANSWER
v v v v v v v v A
Which type of attack is a denial-of-service technique that sends a large amount of data
v v v v v v v v v v v v v v
to overwhelm system resources?
v v v v
A Phishing
v
B Spamming
v
C Mail bombing
v v
D Bluejacking -CORRECT ANSWER
v v v C
Which computer crime forensics step requires an investigator to duplicate and image
v v v v v v v v v v v
the collected digital information?
v v v v
A Securing evidence
v v
B Acquiring data
v v
C Analyzing data
v v
D Assessing evidence -CORRECT ANSWER
v v v v B
What is the last step of a criminal investigation that requires the involvement of a
v v v v v v v v v v v v v v
computer forensic investigator?
v v v
A Analyzing the data collected
v v v v
B Testifying in court
v v v
C Assessing the evidence
v v v
D Performing search and seizure -CORRECT ANSWER
v v v v v v B
How can a forensic investigator verify an Android mobile device is on, without potentially
v v v v v v v v v v v v v
changing the original evidence or interacting with the operating system?
v v v v v v v v v v
A Check to see if it is plugged into a computer
v v v v v v v v v v
B Tap the screen multiple times
v v v v v
C Look for flashing lights
v v v v
D Hold down the power button -CORRECT ANSWER
v v v v v v v C
, WGU Master's Course C702 - Forensics and Network
Intrusion With Complete Solution
What should a forensic investigator use to protect a mobile device if a Faraday bag is
v v v v v v v v v v v v v v v
not available?
v v
A Aluminum foil
v v
B Sturdy container
v v
C Cardboard box
v v
D Bubble wrap -CORRECT ANSWER
v v v v A
Which criterion determines whether a technology used by government to obtain
v v v v v v v v v v
information in a computer search is considered innovative and requires a search
v v v v v v v v v v v v
warrant?
v
A Availability to the general public
v v v v v
B Dependency on third-party software
v v v v
C Implementation based on open source software
v v v v v v
D Use of cloud-based machine learning -CORRECT ANSWER
v v v v v v v A
Which situation allows a law enforcement officer to seize a hard drive from a residence
v v v v v v v v v v v v v v
without obtaining a search warrant?
v v v v v
A The computer is left unattended.
v v v v v
B The front door is wide open.
v v v v v v
C The occupant is acting suspicious.
v v v v v
D The evidence is in imminent danger. -CORRECT ANSWER
v v v v v v v v D
Which legal document contains a summary of findings and is used to prosecute?
v v v v v v v v v v v v
A Investigation report
v v
B Search warrant
v v
C Search and seizure
v v v
D Chain of custody -CORRECT ANSWER
v v v v v A
What should an investigator use to prevent any signals from reaching a mobile phone?
v v v v v v v v v v v v v
A Faraday bag
v v
B Dry bag
v v
C Anti-static container
v v
D Lock box -CORRECT ANSWER
v v v v A
A forensic investigator is called to the stand as a technical witness in an internet
v v v v v v v v v v v v v v
payment fraud case.
v v v
Which behavior is considered ethical by this investigator while testifying?
v v v v v v v v v
A Providing and explaining facts found during the investigation
v v v v v v v v
Course C702 -
v v v
Forensics and
v v
Network
v
Intrusion
, WGU Master's Course C702 - Forensics and Network
Intrusion With Complete Solution
A software company suspects that employees have set up automatic corporate email
v v v v v v v v v v v
forwarding to their personal inboxes against company policy. The company hires
v v v v v v v v v v v
forensic investigators to identify the employees violating policy, with the intention of
v v v v v v v v v v v v
issuing warnings to them.
v v v v
Which type of cybercrime investigation approach is this company taking?
v v v v v v v v v
A Civil
v
B Criminal
v
C Administrative
v
D Punitive -CORRECT ANSWER
v v v C
Which model or legislation applies a holistic approach toward any criminal activity as a
v v v v v v v v v v v v v
criminal operation?
v v
A Enterprise Theory of Investigation
v v v v
B Racketeer Influenced and Corrupt Organizations Act
v v v v v v
C Evidence Examination
v v
D Law Enforcement Cyber Incident Reporting -CORRECT ANSWER
v v v v v v v A
What does a forensic investigator need to obtain before seizing a computing device in a
v v v v v v v v v v v v v v
criminal case?
v v
A Court warrant
v v
B Completed crime report
v v v
C Chain of custody document
v v v v
D Plaintiff's permission -CORRECT ANSWER
v v v v A
Which activity should be used to check whether an application has ever been installed
v v v v v v v v v v v v v
on a computer?
v v v
A Penetration test
v v
B Risk analysis
v v
C Log review
v v
D Security review -CORRECT ANSWER
v v v v C
Which characteristic describes an organization's forensic readiness in the context of
v v v v v v v v v v
cybercrimes?
v
A It includes moral considerations.
v v v v
B It includes cost considerations.
v v v v
C It excludes nontechnical actions.
v v v v
, WGU Master's Course C702 - Forensics and Network
Intrusion With Complete Solution
D It excludes technical actions. -CORRECT ANSWER
v v v v v v B
A cybercrime investigator identifies a Universal Serial Bus (USB) memory stick
v v v v v v v v v v
containing emails as a primary piece of evidence.
v v v v v v v v
Who must sign the chain of custody document once the USB stick is in evidence?
v v v v v v v v v v v v v v
A Those who obtain access to the device
v v v v v v v
B Anyone who has ever used the device
v v v v v v v
C Recipients of emails on the device
v v v v v v
D Authors of emails on the device -CORRECT ANSWER
v v v v v v v v A
Which type of attack is a denial-of-service technique that sends a large amount of data
v v v v v v v v v v v v v v
to overwhelm system resources?
v v v v
A Phishing
v
B Spamming
v
C Mail bombing
v v
D Bluejacking -CORRECT ANSWER
v v v C
Which computer crime forensics step requires an investigator to duplicate and image
v v v v v v v v v v v
the collected digital information?
v v v v
A Securing evidence
v v
B Acquiring data
v v
C Analyzing data
v v
D Assessing evidence -CORRECT ANSWER
v v v v B
What is the last step of a criminal investigation that requires the involvement of a
v v v v v v v v v v v v v v
computer forensic investigator?
v v v
A Analyzing the data collected
v v v v
B Testifying in court
v v v
C Assessing the evidence
v v v
D Performing search and seizure -CORRECT ANSWER
v v v v v v B
How can a forensic investigator verify an Android mobile device is on, without potentially
v v v v v v v v v v v v v
changing the original evidence or interacting with the operating system?
v v v v v v v v v v
A Check to see if it is plugged into a computer
v v v v v v v v v v
B Tap the screen multiple times
v v v v v
C Look for flashing lights
v v v v
D Hold down the power button -CORRECT ANSWER
v v v v v v v C
, WGU Master's Course C702 - Forensics and Network
Intrusion With Complete Solution
What should a forensic investigator use to protect a mobile device if a Faraday bag is
v v v v v v v v v v v v v v v
not available?
v v
A Aluminum foil
v v
B Sturdy container
v v
C Cardboard box
v v
D Bubble wrap -CORRECT ANSWER
v v v v A
Which criterion determines whether a technology used by government to obtain
v v v v v v v v v v
information in a computer search is considered innovative and requires a search
v v v v v v v v v v v v
warrant?
v
A Availability to the general public
v v v v v
B Dependency on third-party software
v v v v
C Implementation based on open source software
v v v v v v
D Use of cloud-based machine learning -CORRECT ANSWER
v v v v v v v A
Which situation allows a law enforcement officer to seize a hard drive from a residence
v v v v v v v v v v v v v v
without obtaining a search warrant?
v v v v v
A The computer is left unattended.
v v v v v
B The front door is wide open.
v v v v v v
C The occupant is acting suspicious.
v v v v v
D The evidence is in imminent danger. -CORRECT ANSWER
v v v v v v v v D
Which legal document contains a summary of findings and is used to prosecute?
v v v v v v v v v v v v
A Investigation report
v v
B Search warrant
v v
C Search and seizure
v v v
D Chain of custody -CORRECT ANSWER
v v v v v A
What should an investigator use to prevent any signals from reaching a mobile phone?
v v v v v v v v v v v v v
A Faraday bag
v v
B Dry bag
v v
C Anti-static container
v v
D Lock box -CORRECT ANSWER
v v v v A
A forensic investigator is called to the stand as a technical witness in an internet
v v v v v v v v v v v v v v
payment fraud case.
v v v
Which behavior is considered ethical by this investigator while testifying?
v v v v v v v v v
A Providing and explaining facts found during the investigation
v v v v v v v v