CHFI Exam Questions and Answers with
100% Correct Solutions
FAT32 is a 32-bit version of the FAT file system that uses smaller clusters, resulting in efficient
storage capacity. What is the maximum drive size supported?
A. 1 terabytes
B. 2 terabytes
C. 3 terabytes
D. 4 terabytes - ✔✔b
In which step of the computer forensics investigation methodology would you run
MD5 checksum on the evidence?
A. Obtain search warrant
B. Evaluate and secure the scene
C. Collect the evidence
D. Acquire the data - ✔✔d
Network forensics allows investigators to inspect network traffic and logs to identify and
locate the attack system.
Network forensics can reveal: (Select three answers)
A. Source of security incidents and network attacks
B. Path of the attack
C. Intrusion techniques used by attackers
D. Hardware configuration of the attacker's system - ✔✔a b c
TCP/IP (Transmission Control Protocol/Internet Protocol) is a communication protocol used to
connect different hosts on the Internet. It contains four layers, namely the network interface layer,
Internet layer, transport layer, and application layer.
Which of the following protocols works under the transport layer of TCP/IP?
A. UDP
B. HTTP
C. FTP
D. SNMP - ✔✔a
Which of the following statements does not support the case assessment?
A. Review the case investigator's request for service
B. Identify the legal authority for the forensic examination request
C. Do not document the chain of custody
D. Discuss whether other forensic processes need to be performed on the evidence - ✔✔c
Wireless access control attacks aim to penetrate a network by evading WLAN access
control measures, such as AP MAC filters and Wi-Fi port access controls.
Which of the following wireless access control attacks allows the attacker to set up a rogue
access point outside the corporate perimeter, and then lure the employees of the organization
to connect to it?
A. War driving
B. Rogue access points
C. MAC spoofing
D. Client mis-association - ✔✔d
File deletion is a way of removing a file from a computer's file system. What happens when a file
is deleted in Windows 7?
A. The last letter of a file name is replaced by a hex byte code E5h
B. The operating system marks the file's name in the MFT with a special character that
indicates that the file has been deleted
C. Corresponding clusters in FAT are marked as used
D. The computer looks at the clusters occupied by that file and does not make that space available to store
a new file - ✔✔b
What is cold boot (hard boot)?
A. It is the process of starting a computer from a powered-down or off state
B. It is the process of restarting a computer that is already turned on through the
operating system
C. It is the process of shutting down a computer from a powered-on or on state
D. It is the process of restarting a computer that is already in sleep mode - ✔✔a
When a file or folder is deleted, the complete path, including the original file name, is stored in a
special hidden file called "INFO2" in the Recycled folder. If the INFO2 file is deleted, it is
re-created when you ___________.
A. Restart Windows
B. Kill the running processes in Windows task manager