WGU Course C840 - Digital Forensics In
Cybersecurity Quizlet By Brian Macfarlane
Questions With Solved Solutions.
The chief information officer of an accounting firm believes sensitive data is being exposed on the local network. Which tool should the IT staff use to gather digital evidence about this security vulnerability?
A Sniffer
B Disk analyzer
C Tracer
D Virus scanner - correct answer: A
A police detective investigating a threat traces the source to a house. The couple at the house shows the detective the only computer the family owns, which is in their son's bedroom. The couple states that their son is presently in class at a local middle school.
How should the detective legally gain access to the computer?
A Obtain a search warrant from the police
B Seize the computer under the USA Patriot Act
C Obtain consent to search from the parents
D Seize the computer under the Computer Security Act - correct answer: C
How should a forensic scientist obtain the network configuration from a Windows PC before seizing it from a crime scene?
A By using the ipconfig command from a command prompt on the computer
B By using the tracert command from a command prompt on the computer
C By logging into the router to which the PC is connected
D By installing a network packet sniffer on the computer - correct answer: A
The human resources manager of a small accounting firm believes he may have been a victim of a phishing scam. The manager clicked on a link in an email message that asked him to verify the logon credentials for the firm's online bank account.
Which digital evidence should a forensic investigator collect to investigate this incident?
A System log
B Security log
C Disk cache
D Browser cache - correct answer: D
After a company's single-purpose, dedicated messaging server is hacked by a cybercriminal, a forensics expert is hired to investigate the crime and collect evidence.
Which digital evidence should be collected?
A Web server logs
B Firewall logs
C Phishing emails
D Spam messages - correct answer: B
Thomas received an email stating that he needed to follow a link and verify his bank account information to ensure it was secure. Shortly after following the instructions, Thomas noticed money was missing from his account.
Which digital evidence should be considered to determine how Thomas' account information was compromised?
A Social media accounts
B Router logs
C Flash drive contents
D Email messages - correct answer: D
The chief executive officer (CEO) of a small computer company has identified a potential hacking attack from an outside competitor.
Which type of evidence should a forensics investigator use to identify the source of the hack?
A Disk drive backups
B Network transaction logs
C Browser history
D Email headers - correct answer: B
A forensic scientist arrives at a crime scene to begin collecting evidence.
What is the first thing the forensic scientist should do?
A Turn off the power to the entire area being examined
B Unplug all network connections so data cannot be deleted remotely
C Gather up all physical evidence and move it out as quickly as possible
D Photograph all evidence in its original place - correct answer: D
Which method of copying digital evidence ensures proper evidence collection?
A Make the copy using file transfer
B Copy files using drag and drop
C Make the copy at the bit-level
D Copy the logical partitions - correct answer: C
A computer involved in a crime is infected with malware. The computer is on and connected to the company's network. The forensic investigator arrives at the scene.
Which action should be the investigator's first step?
A Remove the malware and secure the computer.
B Unplug the computer's power cord.
C Unplug the computer's Ethernet cable.
D Label all the attachments and secure the computer. - correct answer: C
What are the three basic tasks that a systems forensic specialist must keep in mind when handling evidence during a cybercrime investigation?
Answer options may be used more than once or not at all. Select your answers from the pull-down list.
1 Preserve evidence
2 Catalog evidence
3 Prepare evidence
4 Make multiple copies of evidence
5 Disseminate evidence
6 Prepare evidence report
7 Find evidence
A 1,3,7
B 2,3,7 - correct answer: A