CIS 562 Week 11 Final Exam – Strayer New




Chapters 7 Through 16

Chapter 7: Current Computer Forensics Tools

TRUE/FALSE

     1.   When you research for computer forensics tools, strive for versatile, flexible, and robust tools that provide technical support.


     2.   In software acquisition, there are three types of data-copying methods.


     3.   To help determine what computer forensics tool to purchase, a comparison table of functions, subfunctions, and vendor products is useful.


     4.   The Windows platforms have long been the primary command-line interface OSs.


     5.   After retrieving and examining evidence data with one tool, you should verify your results by performing the same tasks with other similar forensics tools.


MULTIPLE CHOICE

     1.   Computer forensics tools are divided into ____ major categories.
          a. 2
          b. 3
          c. 4
          d. 5



     2.   Software forensics tools are commonly used to copy data from a suspect’s disk drive to a(n) ____.
          a. backup file
          b. firmware
          c. image file
          d. recovery copy



     3.   To make a disk acquisition with En.exe requires only a PC running ____ with a 12-volt power connector and an IDE, a SATA, or a SCSI connector cable.
          a. UNIX
          b. MAC OS X
          c. Linux
          d. MS-DOS



     4.   Raw data is a direct copy of a disk drive. An example of a Raw image is output from the UNIX/Linux ____ command.
          a. rawcp
          b. dd
          c. d2dump
          d. dhex



     5.   ____ of data involves sorting and searching through all investigation data.
          a. Validation
          b. Discrimination
          c. Acquisition
          d. Reconstruction



     6.   Many password recovery tools have a feature that allows generating potential lists for a ____ attack.
          a. brute-force
          b. password dictionary
          c. birthday
          d. salting



     7.   The simplest method of duplicating a disk drive is using a tool that does a direct ____ copy from the original disk to the target disk.
          a. partition-to-partition
          b. image-to-partition
          c. disk-to-disk
          d. image-to-disk



     8.   To complete a forensic disk analysis and examination, you need to create a ____.
          a. forensic disk copy
          b. risk assessment
          c. budget plan
          d. report



     9.   The first tools that analyzed and extracted data from floppy disks and hard disks were MS-DOS tools for ____ PC file systems.
          a. Apple
          b. Atari
          c. Commodore
          d. IBM



   10.   In Windows 2000 and XP, the ____ command shows you the owner of a file if you have multiple users on the system or network.
          a. Dir
          b. ls
          c. Copy
          d. owner



   11.   In general, forensics workstations can be divided into ____ categories.
          a. 2
          b. 3
          c. 4
          d. 5



   12.   A forensics workstation consisting of a laptop computer with a built-in LCD monitor and almost as many bays and peripherals as a stationary workstation is also known as a ____.
          a. stationary workstation
          b. field workstation
          c. lightweight workstation
          d. portable workstation



   13.   ____ is a simple drive-imaging station.
          a. F.R.E.D.
          b. SPARC
          c. FIRE IDE
          d. DiskSpy



   14.   ____ can be software or hardware and are used to protect evidence disks by preventing you from writing any data to the evidence disk.
          a. Drive-imaging
          b. Disk editors
          c. Workstations
          d. Write-blockers



   15.   Many vendors have developed write-blocking devices that connect to a computer through FireWire, ____ 2.0, and SCSI controllers.
          a. USB
          b. IDE
          c. LCD
          d. PCMCIA



   16.   The ____ publishes articles, provides tools, and creates procedures for testing and validating computer forensics software.
          a. CFTT
          b. NIST
          c. FS-TST
          d. NSRL



   17.   The standards document, ____, demands accuracy for all aspects of the testing process, meaning that the results must be repeatable and reproducible.
          a. ISO 3657
          b. ISO 5321
          c. ISO 5725
          d. ISO 17025



   18.   The NIST project that has as a goal to collect all known hash values for commercial software applications and OS files is ____.
          a. NSRL
          b. CFTT
          c. FS-TST
          d. PARTAB



   19.   The primary hash algorithm used by the NSRL project is ____.
          a. MD5
          b. SHA-1
          c. CRC-32
          d. RC4



   20.   One way to compare your results and verify your new forensic tool is by using a ____, such as HexWorkshop, or WinHex.
          a. disk imager
          b. write-blocker
          c. bit-stream copier
          d. disk editor



   21.   Although a disk editor gives you the most flexibility in ____, it might not be capable of examining a ____ file’s contents.
          a. testing, compressed
          b. scanning, text
          c. testing, pdf
          d. testing, doc



COMPLETION

     1.   Software forensic tools are grouped into command-line applications and ____________________ applications.


     2.   The Windows application of EnCase requires a(n) ____________________ device, such as FastBloc, to prevent Windows from accessing and corrupting a suspect disk drive.


     3.   The ____________________ function is the most demanding of all tasks for computer investigators to master.


     4.   Because there are a number of different versions of UNIX and Linux, these platforms are referred to as ____________________ platforms.


     5.   Hardware manufacturers have designed most computer components to last about ____________________ months between failures.


MATCHING

