WGU Master's Course C702 - Forensics and Network Intrusion 2022/2023

Document Content and Description Below

A software company suspects that employees have set up automatic corporate email forwarding to their personal inboxes against company policy. The company hires forensic investigators to identify the e ... mployees violating policy, with the intention of issuing warnings to them. Which type of cybercrime investigation approach is this company taking? A Civil B Criminal C Administrative D Punitive - ANSWER C Which model or legislation applies a holistic approach toward any criminal activity as a criminal operation? A Enterprise Theory of Investigation B Racketeer Influenced and Corrupt Organizations Act C Evidence Examination D Law Enforcement Cyber Incident Reporting - ANSWER A What does a forensic investigator need to obtain before seizing a computing device in a criminal case? A Court warrant B Completed crime report C Chain of custody document D Plaintiff's permission - ANSWER A Which activity should be used to check whether an application has ever been installed on a computer? A Penetration test B Risk analysis C Log review D Security review - ANSWER C Which characteristic describes an organization's forensic readiness in the context of cybercrimes? A It includes moral considerations. B It includes cost considerations. C It excludes nontechnical actions. D It excludes technical actions. - ANSWER B A cybercrime investigator identifies a Universal Serial Bus (USB) memory stick containing emails as a primary piece of evidence. Who must sign the chain of custody document once the USB stick is in evidence? A Those who obtain access to the device B Anyone who has ever used the device C Recipients of emails on the device D Authors of emails on the device - ANSWER A Which type of attack is a denial-of-service technique that sends a large amount of data to overwhelm system resources? A Phishing B Spamming C Mail bombing D Bluejacking - ANSWER C Which computer crime forensics step requires an investigator to duplicate and image the collected digital information? A Securing evidence B Acquiring data C Analyzing data D Assessing evidence - ANSWER B What is the last step of a criminal investigation that requires the involvement of a computer forensic investigator? A Analyzing the data collected B Testifying in court C Assessing the evidence D Performing search and seizure - ANSWER B How can a forensic investigator verify an Android mobile device is on, without potentially changing the original evidence or interacting with the operating system? A Check to see if it is plugged into a computer B Tap the screen multiple times C Look for flashing lights D Hold down the power button - ANSWER C What should a forensic investigator use to protect a mobile device if a Faraday bag is not available? A Aluminum foil B Sturdy container C Cardboard box D Bubble wrap - ANSWER A Which criterion determines whether a technology used by government to obtain information in a computer search is considered innovative and requires a search warrant? A Availability to the general public B Dependency on third-party software C Implementation based on open source software D Use of cloud-based machine learning - ANSWER A Which situation allows a law enforcement officer to seize a hard drive from a residence without obtaining a search warrant? A The computer is left unattended. B The front door is wide open. C The occupant is acting suspicious. D The evidence is in imminent danger. - ANSWER D Which legal document contains a summary of findings and is used to prosecute? A Investigation report B Search warrant C Search and seizure D Chain of custody - ANSWER A What should an investigator use to prevent any signals from reaching a mobile phone? A Faraday bag B Dry bag C Anti-static container D Lock box - ANSWER A A forensic investigator is called to the stand as a technical witness in an internet payment fraud case. Which behavior is considered ethical by this investigator while testifying? A Providing and explaining facts found during the investigation B Interpreting the findings and offering a clear opinion to the jury C Helping the jury arrive at a conclusion based on the facts D Assisting the attorney in compiling a list of essential questions - ANSWER A A government agent is testifying in a case involving malware on a system. What should this agent have complied with during search and seizure? A Fourth Amendment B Stored Communications Act C Net Neutrality Bill D Federal Rules of Evidence - ANSWER A Which path should a forensic investigator use to look for system logs in a Mac? A /var/log/cups/access_log B /var/log/ C /var/audit/ D /var/log/install.log - ANSWER B Which tool should a forensic investigator use to view information from Linux kernel ring buffers? A arp B dmesg C fsck D grep - ANSWER B A forensic investigator makes a bit-stream copy of a Windows hard drive that has been reformatted. The investigator needs to locate only the Adobe PDF files on the hard drive. Which tool should this investigator use? A Quick Recovery B Handy Recovery C EaseUS Data Recovery [Show More]

Last updated: 3 years ago

Preview 1 out of 113 pages