WGU C702 CHFI and OA Questions and Answers with Complete Solution

Document Content and Description Below

WGU C702 CHFI and OA Questions and Answers with Complete Solution Which of the following is true regarding computer forensics? Correct Answer- Computer forensics deals with the process of finding evid... ence related to a digital crime to find the culprits and initiate legal action against them. Which of the following is NOT a objective of computer forensics? Correct Answer- Document vulnerabilities allowing further loss of intellectual property, finances, and reputation during an attack. Which of the following is true regarding Enterprise Theory of Investigation (ETI)? Correct Answer- It adopts a holistic approach toward any criminal activity as a criminal operation rather as a single criminal act. Forensic readiness refers to: Correct Answer- An organization's ability to make optimal use of digital evidence in a limited time period and with minimal investigation costs. Which of the following is NOT a element of cybercrime? Correct Answer- Evidence smaller in size. Which of the following is true of cybercrimes? Correct Answer- Investigators, with a warrant, have the authority to forcibly seize the computing devices. Which of the following is true of cybercrimes? Correct Answer- The initial reporting of the evidence is usually informal. Which of the following is NOT a consideration during a cybercrime investigation? Correct Answer- Value or cost to the victim. Which of the following is a user-created source of potential evidence? Correct Answer- Address book. Which of the following is a computer-created source of potential evidence? Correct Answer- Swap file. Which of the following is NOT where potential evidence may be located? Correct Answer- Processor. Under which of the following conditions will duplicate evidence NOT suffice? Correct Answer- When original evidence is in possession of the originator. Which of the following Federal Rules of Evidence governs proceedings in the courts of the United States? Correct Answer- Rule 101. Which of the following Federal Rules of Evidence ensures that the truth may be ascertained and the proceedings justly determined? Correct Answer- Rule 102. Which of the following Federal Rules of Evidence contains rulings on evidence? Correct Answer- Rule 103 Which of the following Federal Rules of Evidence states that the court shall restrict the evidence to its proper scope and instruct the jury accordingly? Correct Answer- Rule 105 Which of the following refers to a set of methodological procedures and techniques to identify, gather, preserve, extract, interpret, document, and present evidence from computing equipment in such a manner that the discovered evidence is acceptable during a legal and/or administrative proceeding in a court of law? Correct Answer- Computer Forensics. Computer Forensics deals with the process of finding _____ related to a digital crime to find the culprits and initiate legal action against them. Correct Answer- Evidence. Minimizing the tangible and intangible losses to the organization or an individual is considered an essential computer forensics use. Correct Answer- True. Cybercrimes can be classified into the following two types of attacks, based on the line of attack. Correct Answer- Internal and External. Espionage, theft of intellectual property, manipulation of records, and trojan horse attacks are examples of what? Correct Answer- Insider attack or primary attacks. External attacks occur when there are inadequate information-security policies and procedures. Correct Answer- True. Which type of cases involve disputes between two parties? Correct Answer- Civil. A computer forensic examiner can investigate any crime as long as he or she takes detailed notes and follows the appropriate processes. Correct Answer- False. ________ is the standard investigative model used by the FBI when conducting investigations against major criminal organizations. Correct Answer- Enterprise Theory of Investigation (ETI). Forensic readiness includes technical and nontechnical actions that maximize an organization's competence to use digital evidence. Correct Answer- True. Which of the following is the process of developing a strategy to address the occurrence of any security breach in the system or network? Correct Answer- Incident Response. Digital devices store data about session such as user and type of connection. Correct Answer- True. Codes of ethics are the principles stated to describe the expected behavior of an investigator while handling a case. Which of the following is NOT a principle that a computer forensic investigator must follow? Correct Answer- Provide personal or prejudiced opinions. What must an investigator do in order to offer a good report to a court of law and ease the prosecution? Correct Answer- Preserve the evidence. What is the role of an expert witness? Correct Answer- To educate the public and court. Which of the following is NOT a legitimate authorizer of a search warrant? Correct Answer- First Responder. Under which of the following circumstances has a court of law allowed investigators to perform searches without a warrant? Correct Answer- Delay in obtaining a warrant may lead to the destruction of evidence and hamper the investigation process. Which of the following should be considered before planning and evaluating the budget for the forensic investigation case? Correct Answer- Breakdown of costs into daily and annual expenditure. Which of the following should be physical location and structural design considerations for forensics labs? Correct Answer- Lab exteriors should have no windows. Which of the following should be work area considerations for forensics labs? Correct Answer- Examiner station has an area of about 50-63 square feet. Which of the following is NOT part of the Computer Forensics Investigation Methodology? Correct Answer- Testify as an expert defendant. Which of the following is NOT part of the Computer Forensics Investigation Methodology? Correct Answer- Destroy the evidence. Investigators can immediately take action after receiving a report of a security incident. Correct Answer- False. In forensics laws, "authenticating or identifying evidences" comes under which rule? Correct Answer- Rule 901. Courts call knowledgable persons to testify to the accuracy of the investigative process. These people who tesify are known as the: Correct Answer- Expert witnesses. A chain of custody is a critical document in the computer forensics investigation process because the document provides legal validation of appropriate evidence handl [Show More]

Last updated: 1 year ago

Preview 1 out of 21 pages