Axiom Exam Study Guide with Complete SolutionsAxiom Exam Study Guide with Complete SolutionsAxiom Exam Study Guide with Complete Solutions
When setting up a new case in Magnet AXIOM process, can you specify separate locations for the case files and the evidence files? - ANSWER - Yes
Which types...
Axiom Exam Study Guide with
Complete Solutions
When setting up a new case in Magnet AXIOM process, can you specify separate
locations for the case files and the evidence files? - ANSWER - Yes
Which types of devices can be imaged using Magnet AXIOM Process? - ANSWER -
Hard Drives, Thumb Drives, iOS Phones, Android phones
Is it possible to only scan Volume Shadow Copies from a drive? - ANSWER - Yes
Which option should be used when loading in data from an iOS or Android device? -
ANSWER - Mobile
Can Magnet AXIOM Process filter files via hash values? - ANSWER - Yes
What are the two main programs of the AXIOM forensics suite? - ANSWER - Examine
& Process
AXIOM will run natively on a Mac computer. - ANSWER - False
AXIOM Process and AXIOM Examine both can be run through a virtual machine. -
ANSWER - True
What are the three distinct steps of the forensic process? - ANSWER - Acquisition or
Extraction
Processing
Analysis
,You are working a case and want to know if AXIOM supports extracting artifacts from
the app Yik Yak. What documentation can you view to determine if Yik Yak is
supported? - ANSWER - Artifact reference
From a Windows PreFetch file, it is possible to determine when a program was run. -
ANSWER - True
While of the following locations would NOT contain information related to external
devices connected to a computer?
USBSTOR in the Windows registry
SAM in the Windows registry
NTUSER.DAT file in the Windows registry
setupapi.dev.log - ANSWER - SAM
What three licensing options are available for the user to license Magnet Forensics
AXIOM? - ANSWER - License Key, Network Server, Axiom USB
AXIOM Process allows the user to set up the data for Acquisition (imaging) and
Processing in the same single step. - ANSWER - True
When setting up an item of evidence for processing, what two options are available?
- ANSWER - Load Evidence
Acquire Evidence
During setup for processing, the user can specify the Search Type to be conducted
on an item of digital evidence. - ANSWER - True
Which type of file on a Windows computer keeps track of folder views, sizes, and
positions when viewed through Windows Explorer? - ANSWER - Shellbag
When examining Operating System artifacts, there are frequently duplicate
artifacts. Why is this? - ANSWER - This is due to the fact that the registry
automatically backs itself up and saves a copy to \Windows\System32\Config\
RegBak.
, What is the Windows Registry? - ANSWER - A hierarchical database that stores
configuration information.
You can specify that keyword searches be run against either Artifacts or All Content.
- ANSWER - True
You suspect that a user has an encrypted mobile backup on their computer. You
have a list of ten possible passwords. How should you configure the options for
processing the computer to ensure that you get the information from the backups? -
ANSWER - Check "Search Mobile Backups" and then enter each password that you
have in the Mobile Backup Passwords box.
When using Magnet.AI to categorize chats, the AI analysis is based on individual
messages and not on the entire chat conversation. - ANSWER - False
The app Club Penguin is found on a suspect's phone. Through research, you
determine that AXIOM does not support the app and that the app stores information
in a SQLite database. What option can you select during processing to seek out the
Club Penguin database? - ANSWER - Dynamic App Finder
It is possible to add evidence to a case that has already been processed. - ANSWER
- True
If the option "Automatically Build Connections" is checked, connections will
automatically be built during the first processing of the case but will NOT be built if
any additional evidence is added to the case. - ANSWER - False
When in File System view, it is possible to view all sub-folders of the main folder
that you are clicked on? - ANSWER - Yes
From the Case Dashboard, you chose the option "Categorize pictures with
Magnet.AI." Which of the following options are available for categorization? -
ANSWER - All pictures
Which two hash formats does AXIOM use? - ANSWER - MD5 SHA1
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller NursingTutor1. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.