WGU C702 FULL CHFI & OA EXAM STUDY GUIDE. // VERIFIED ANSWERS. // GRADED A+. // NEW!!! NEW!!!
5 views 0 purchase
Course
WGU C702 FULL CHFI & OA
Institution
WGU C702 FULL CHFI & OA
WGU C702 FULL CHFI & OA EXAM
STUDY GUIDE. // VERIFIED ANSWERS. //
GRADED A+. //
NEW!!! NEW!!!
Which of the following is a user-created source of potential evidence?
A. address book
B. printer spool
C. cookies
D. log files - Ans -A
Which of the following is a computer-created source of po...
WGU C702 FULL CHFI & OA EXAM
STUDY GUIDE. // VERIFIED ANSWERS. //
GRADED A+. //
NEW!!! NEW!!!
Which of the following is a user-created source of potential evidence?
A. address book
B. printer spool
C. cookies
D. log files - Ans -A
Which of the following is a computer-created source of potential evidence?
A. bookmarks
B. spreadsheet
C. swap file
D. steganography - Ans -C
Which of the following is not where potential evidence may be located?
A. digital camera
B. smart card
C. processor
D. thumb drive - Ans -C
,You are working in the Security Department of a law firm. One of the attorneys asks you
about the topic of sending fake email because he has a client who has been charged with
doing just that. His client alleges that he is innocent and that there is no way for a fake email
to actually be sent. You inform the attorney that his client is mistaken and that fake email is a
possibility and that you can prove it. You return to your desk and craft a fake email to the
attorney that appears to come from his boss. What port do you send the email to on the
companys SMTP server?
A. 135
B. 10
C. 110
D. 25 - Ans -D
Which of the following should a computer forensics investigations lab have?
A. restricted access
B. open access
C. an entry log
D. isolation - Ans -A
You have been asked to investigate after a user has reported a threatening e-mail theyve
received from an external source. Which of the following are you most interested in when
trying to trace the source of the message?
A. The E-mail Header
B. The SMTP reply address
C. The X509 address
D. The Host Domain Name - Ans -A
Which is a standard procedure to perform during all computer forensics investigations?
A. with the hard drive removed from the suspect PC, check the date and time in the systems
RAM
B. with the hard drive removed from the suspect PC, check the date and time in the systems
CMOS
C. with the hard drive in the suspect PC, check the date and time in the systems CMOS
,D. with the hard drive in the suspect PC, check the date and time in the File Allocation Table
- Ans -B
Under which of the following conditions will duplicate evidence not suffice?
A. when original evidence is destroyed in the normal course of business
B. when original evidence is in possession of the originator
C. when original evidence is in possession of a third party
D. when original evidence is destroyed due to fire or flood - Ans -B
Which of the following Federal Rules of Evidence governs proceedings in the courts of the
United States?
A. Rule 105
B. Rule 103
C. Rule 101
D. Rule 102 - Ans -C
Which of the following Federal Rules of Evidence ensures that the truth may be ascertained
and the proceedings justly determined?
A. Rule 105
B. Rule 102
C. Rule 101
D. Rule 103 - Ans -B
Which of the following Federal Rules of Evidence contains Rulings on Evidence?
A. Rule 103
B. Rule 105
C. Rule 102
D. Rule 101 - Ans -A
, Which of the following Federal Rules of Evidence states that the court shall restrict the
evidence to its proper scope and instruct the jury accordingly?
A. Rule 102
B. Rule 103
C. Rule 101
D. Rule 105 - Ans -D
Which of the following answers refers to a set of methodological procedures and techniques
to identify, gather, preserve, extract, interpret, document, and present evidence from
computing equipment in such a manner that the discovered evidence is acceptable during a
legal and/or administrative proceeding in a court of law?
A. disaster recovery
B. incident handling
C. computer forensics
D. network analysis - Ans -C
Computer forensics deals with the process of finding _______ related to digital crime to find
the culprits and initiate legal action against them.
A. insider threats
B. evidence
C. fraud
D. malware - Ans -B
Minimizing the tangible and intangible losses to the organization or an individual is
considered an essential computer forensics use.
A. True
B. False - Ans -A
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller BESTGRADE32. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $25.49. You're not tied to anything after your purchase.