Wednesday, 5 May 2021

Computer Forensics Quiz

Question 1: ________ is a unique identifier assigned to network interfaces for communications on the physical network segment.
A. Domain Name System
B. Traceroute
C. MAC Address
D. Internet Protocol (IP) Addresses

Solution:
MAC Address

Question 2: ________ is a unique address assigned to every computer connected to the network.
A. MAC Address
B. Domain Name System
C. Internet Protocol (IP) Addresses
D. Traceroute

Solution:
Internet Protocol (IP) Addresses

Question 3: Which of the following are the possible locations to look for evidence in a network?
(I) From the victim computer
(II) From the attacked computer and intermediate computers
(III) From firewalls
(IV) From internetworking devices
A. (I), (II), (III) and (IV)
B. (II), (III) and (IV)
C. (I) and (II)
D. (I), (II) and (III)

Solution:
(I), (II), (III) and (IV)

Question 4: A(n) ________ detection system is hardware or software used to monitor network traffic for malicious activity. It can provide alerts when suspicious activity occurs and provide detailed logging information with professional reporting capabilities.
A. firewall
B. intrusion
C. application
D. prevention

Solution:
intrusion

Question 5: Which of the following is used by a network administrator to inspect data packets on a network and determine, based on its set of rules, whether each packet should be allowed through?
A. Content filter
B. Sandbox
C. Packet capturing
D. Firewall

Solution:
Firewall

Question 6: Which of the following security tools would BEST be used for identifying and reacting to an attack by shutting down a port or dropping certain types of packets?
A. Intrusion Prevention System
B. Intrusion Detection System
C. Security Information and Event Manager (SIEM)
D. Sandbox

Solution:
Intrusion Prevention System

Question 7: Which of the following information cannot be revealed by network forensics?
A. Intrusion techniques used by attackers
B. Hardware configuration of the attacker’s system
C. Path of intrusion
D. Source of security incidents and network attacks

Solution:
Hardware configuration of the attacker’s system

Question 8: _______ can be used to determine the path a transmitted e-mail has taken.
A. Router logs
B. Application programs
C. Text editors
D. Internal memory

Solution:
Router logs

Question 9: Tracking internet e-mail users is more difficult because these accounts don’t always use standard naming schemes.
True
False

Solution:
True


Question 10: If we have obtained a warrant to conduct a social media forensics investigation for a specific social media account, but the suspect refuses to cooperate, we can use any workstation to Google search information about the suspect on social media.
True
False

Solution:
False


Question 11: E-mail is a major communication medium and some people may use e-mail when committing crimes such as narcotics trafficking, extortion, sexual harassment, stalking, fraud, child abductions, terrorism, child pornography, and so on. After you have determined that a crime has been committed involving e-mail, what’s the main piece of information you look for in an e-mail message you’re investigating?
A. Sender or receiver’s e-mail address.
B. Subject line content.
C. Message number.
D. Originating e-mail domain or IP address.

Solution:
Originating e-mail domain or IP address.


Question 12: Which of the following is NOT a possible location where mobile device information might be stored?
A. SIM card
B. Power cable
C. Internal memory
D. Removable or external memory card

Solution:
Power cable

Question 13: Malware analysis is the process of determining the _______ and ______ of a given malware sample such as a virus, worm, or backdoor.
A. purpose; functions
B. platform; operations
C. problem; functions
D. technology; operations

Solution:
purpose; functions


Question 14: If investigators find a piece of evidence in the cloud that proves a particular IoT device at the crime scene is the cause of the crime, it will be easier to identify the criminal based on the registered account for the cloud service.
True
False

Solution:
False


Question 15: ________ analysis is the process of studying a program without actually executing it.
A. Hybrid
B. Static
C. Dynamic
D. Statistic

Solution:
Static


Question 16:
