FREE CHFI MCQ Questions and Answers

0%

Corporate investigations are often simpler than those conducted by the government because:

Correct! Wrong!

How many bytes do hard disk sectors normally contain?

Correct! Wrong!

Traditionally, hard disks have used a sector size of 512 bytes. This sector size has been the industry standard for many years. However, it's worth noting that newer hard drives and solid-state drives (SSDs) are increasingly transitioning to larger sector sizes, such as 4,096 bytes (4 KB) or even larger. These larger sector sizes offer certain advantages, such as improved error correction and increased storage efficiency. Nonetheless, 512 bytes per sector remains a common sector size in many existing systems.

Due to his visits to sexual websites and image downloads, a suspect is accused of abusing computer resources. The goal of the investigation is to show that the suspect actually went to these places. The suspect, however, has deleted the cookie cache and wiped the search history. In addition, he deleted any photographs he may have downloaded. What steps can the investigator take to demonstrate the infraction?

Correct! Wrong!

A _______________ is an attack where the steps in the attack sequence are carried out by a computer program rather than a hacker.

Correct! Wrong!

A "scripted attack" or "automated attack" is one whereby a computer program, rather than a hacker, performs the steps in the attack sequence. In a scripted attack, the attacker utilizes pre-programmed scripts or software tools to automate various stages of the attack process, such as reconnaissance, vulnerability scanning, exploitation, and post-exploitation activities. These scripts or tools are designed to carry out the attack steps without manual intervention, allowing the attacker to target multiple systems or launch attacks on a larger scale. Scripted attacks can be more efficient and effective for attackers, as they can be executed quickly and with minimal effort, potentially compromising a significant number of vulnerable systems in a short amount of time.

In a hexadecimal code, the offset is:

Correct! Wrong!

The "0x" prefix in a hexadecimal code represents the notation convention used to indicate that the following characters represent a hexadecimal value. For example, "0x10" signifies the hexadecimal value 10, which is equivalent to the decimal value 16. The "0x" prefix is used to distinguish hexadecimal values from decimal or other numerical representations.

The following guidelines should be followed when employing an anti-virus scanner for a computer forensics investigation:

Correct! Wrong!

During a computer forensics investigation, it is generally recommended to scan your forensics workstation with an antivirus scanner before beginning the investigation. This precaution helps ensure that your workstation is free of any malware or viruses that could potentially compromise the investigation.

By scanning the workstation beforehand, you can detect and remove any malicious software that may be present. This helps maintain the integrity of the investigation by minimizing the risk of contaminating or altering evidence. It is crucial to start the investigation with a clean and secure environment to ensure accurate analysis and findings.

Office suites like Word, Excel, and PowerPoint generate a code for each document that is based on the Media Access Control (MAC) address, also known as the machine's unique identification. What is the name of this code?

Correct! Wrong!

The code based on the Media Access Control (MAC) address or unique identifier of the machine upon which a document was written is called the Globally Unique Identifier (GUID). A GUID is a 128-bit number that is generated by the operating system or software to uniquely identify an object, such as a document, file, or component. GUIDs are typically used to ensure uniqueness across different systems and platforms. In the context of Office programs like Word, Excel, and PowerPoint, GUIDs can be embedded within the documents for various purposes, such as tracking document versions, linking embedded objects, or maintaining document integrity.

Premium Tests $49/mo
FREE November-2024