Exam Questions And Correct Answer with
Rational (100% verified answer) Q & A 2026
/Instant download PDF
1. What is the primary goal of cyber forensics?
A. Create software
B. Recover and analyze digital evidence
C. Design networks
D. Encrypt data
Answer: B
Rationale: Cyber forensics focuses on identifying, preserving, analyzing, and
presenting digital evidence.
2. What is the first step in digital investigation?
A. Analysis
B. Preservation
C. Identification
D. Reporting
Answer: C
Rationale: Identification determines potential evidence sources before collection.
3. What does chain of custody ensure?
A. Data encryption
B. Evidence integrity tracking
C. System backup
,D. Network security
Answer: B
Rationale: It ensures evidence is not tampered with during investigation.
4. Which tool is commonly used for disk imaging?
A. Wireshark
B. FTK Imager
C. Nmap
D. Metasploit
Answer: B
Rationale: FTK Imager creates forensic copies of storage media.
5. What is volatile data?
A. Archived logs
B. RAM data
C. Backup files
D. Encrypted disks
Answer: B
Rationale: Volatile data is temporary and lost when power is off.
6. What file system is common in Windows?
A. EXT4
B. NTFS
C. FAT32
D. HFS+
Answer: B
Rationale: NTFS is the default Windows file system.
, 7. What does hashing ensure?
A. Compression
B. Integrity verification
C. Encryption
D. Execution speed
Answer: B
Rationale: Hashing verifies data has not been altered.
8. Which algorithm is widely used in forensics?
A. MD5
B. RSA
C. AES
D. DES
Answer: A
Rationale: MD5 is commonly used for file integrity checks.
9. What is a forensic image?
A. Screenshot
B. Bit-by-bit copy of storage
C. Video recording
D. Backup folder
Answer: B
Rationale: It is an exact replica of digital media.
10. What is anti-forensics?
A. Evidence collection
B. Evidence hiding techniques
C. Data recovery