Examination Practice Test Questions With Correct
Answers (Verified Answers) Plus Rationales 2026
Q&A | Instant Download Pdf
1. Which law primarily governs unauthorized access to computer
systems in the United States?
A. Fourth Amendment
B. Computer Fraud and Abuse Act (CFAA)
C. Freedom of Information Act
D. Patriot Act
Answer: B
Rationale: The CFAA is the primary federal statute addressing
unauthorized access to computers and related fraud. It criminalizes
hacking, password theft, and other forms of unlawful access to
protected systems.
2. What is the primary purpose of digital forensics in cybercrime
investigations?
,A. To delete malicious software
B. To recover, preserve, and analyze digital evidence
C. To upgrade computer systems
D. To encrypt sensitive files
Answer: B
Rationale: Digital forensics focuses on properly identifying, preserving,
analyzing, and presenting electronic evidence in a legally admissible
manner.
3. Which type of malware replicates itself without attaching to a host
file?
A. Trojan horse
B. Worm
C. Spyware
D. Rootkit
Answer: B
Rationale: A worm is a standalone malware program that self-replicates
and spreads across networks without needing a host file.
4. What is the first step in the digital forensic process?
A. Analysis
,B. Presentation
C. Identification
D. Reporting
Answer: C
Rationale: Identification involves recognizing potential sources of digital
evidence before collection and analysis occur.
5. What does hashing primarily ensure in cyber investigations?
A. Data compression
B. Data encryption
C. Data integrity verification
D. File deletion
Answer: C
Rationale: Hashing creates a unique digital fingerprint that ensures
evidence has not been altered.
6. Which protocol is commonly used for secure web communication?
A. HTTP
B. FTP
C. HTTPS
D. SMTP
, Answer: C
Rationale: HTTPS encrypts data using TLS/SSL, ensuring secure
communication over the internet.
7. What is phishing?
A. A method of hardware repair
B. A technique for encrypting data
C. Fraudulent attempts to obtain sensitive information
D. A network configuration tool
Answer: C
Rationale: Phishing involves deceptive communications designed to trick
individuals into revealing personal or financial information.
8. Which device stores long-term evidence in a digital investigation?
A. RAM
B. Cache
C. Hard drive
D. CPU registers
Answer: C
Rationale: Hard drives retain persistent data, making them key evidence
sources in forensic analysis.