Answers (2026) | Updated Comprehensive
Review with Detailed Rationales | A+ Verified
• Which of the following is NOT a objective of computer forensics? -
✓✓Document vulnerabilities allowing further loss of intellectual property,
finances, and reputation during an attack.
• Which of the following is true regarding Enterprise Theory of Investigation
(ETI)? -✓✓It adopts a holistic approach toward any criminal activity as a criminal
operation rather as a single criminal act.
• Forensic readiness refers to: -✓✓An organization's ability to make optimal use of
digital evidence in a limited time period and with minimal investigation costs.
• Which of the following is NOT a element of cybercrime? -✓✓Evidence smaller
in size.
• Which of the following is true of cybercrimes? -✓✓Investigators, with a warrant,
have the authority to forcibly seize the computing devices.
• Which of the following is true of cybercrimes? -✓✓The initial reporting of the
evidence is usually informal.
• Which of the following is NOT a consideration during a cybercrime
investigation? -✓✓Value or cost to the victim.
,• Which of the following is a user-created source of potential evidence? -
✓✓Address book.
• Which of the following is a computer-created source of potential evidence? -
✓✓Swap file.
• Which of the following is NOT where potential evidence may be located? -
✓✓Processor.
• Under which of the following conditions will duplicate evidence NOT suffice? -
✓✓When original evidence is in possession of the originator.
• Which of the following Federal Rules of Evidence governs proceedings in the
courts of the United States? -✓✓Rule 101.
• Which of the following Federal Rules of Evidence ensures that the truth may be
ascertained and the proceedings justly determined? -✓✓Rule 102.
• Which of the following Federal Rules of Evidence contains rulings on evidence?
-✓✓Rule 103
• Which of the following Federal Rules of Evidence states that the court shall
restrict the evidence to its proper scope and instruct the jury accordingly? -✓✓Rule
105
• Which of the following refers to a set of methodological procedures and
techniques to identify, gather, preserve, extract, interpret, document, and present
evidence from computing equipment in such a manner that the discovered evidence
, is acceptable during a legal and/or administrative proceeding in a court of law? -
✓✓Computer Forensics.
• Computer Forensics deals with the process of finding _____ related to a digital
crime to find the culprits and initiate legal action against them. -✓✓Evidence.
• Minimizing the tangible and intangible losses to the organization or an individual
is considered an essential computer forensics use. -✓✓True.
• Cybercrimes can be classified into the following two types of attacks, based on
the line of attack. -✓✓Internal and External.
• Espionage, theft of intellectual property, manipulation of records, and trojan
horse attacks are examples of what? -✓✓Insider attack or primary attacks.
• External attacks occur when there are inadequate information-security policies
and procedures. -✓✓True.
• Which type of cases involve disputes between two parties? -✓✓Civil.
• A computer forensic examiner can investigate any crime as long as he or she
takes detailed notes and follows the appropriate processes. -✓✓False.
• ________ is the standard investigative model used by the FBI when conducting
investigations against major criminal organizations. -✓✓Enterprise Theory of
Investigation (ETI).