Chat with AI
Exam 22: Applying Forensic Science to Networks
Exam 1: Foundations of Digital Forensics 36 Questions
Exam 2: Language of Computer Crime Investigation33 Questions
Exam 3: Digital Evidence in the Courtroom29 Questions
Exam 4: Cybercrime Law: a United States Perspective30 Questions
Exam 5: Cybercrime Law: a European Perspective30 Questions
Exam 6: Conducting Digital Investigations33 Questions
Exam 7: Handling a Digital Crime Scene32 Questions
Exam 8: Investigative Reconstruction With Digital Evidence32 Questions
Exam 9: Modus Operandi, Motive, and Technology32 Questions
Exam 10: Violent Crime and Digital Evidence30 Questions
Exam 11: Digital Evidence As Alibi18 Questions
Exam 12: Sex Offenders on the Internet31 Questions
Exam 13: Computer Intrusions32 Questions
Exam 14: Cyberstalking31 Questions
Exam 15: Computer Basics for Digital Investigators34 Questions
Exam 16: Applying Forensic Science to Computers31 Questions
Exam 17: Digital Evidence on Windows Systems30 Questions
Exam 18: Digital Evidence on Unix Systems30 Questions
Exam 19: Digital Evidence on Macintosh Systems29 Questions
Exam 20: Digital Evidence on Mobile Devices32 Questions
Exam 21: Network Basics for Digital Investigators33 Questions
Exam 22: Applying Forensic Science to Networks35 Questions
Exam 23: Digital Evidence on the Internet30 Questions
Exam 24: Digital Evidence at the Physical and Data-Link Layers34 Questions
Exam 25: Digital Evidence at the Network and Transport Layers30 Questions
Select questions type
Examination of digital evidence includes (but is not limited to) which of the following activities?
Free
(Multiple Choice)
4.8/5 
(39)
(39) Correct Answer:
Verified
VerifiedB
Preservation of digital evidence can involve which of the following?
Free
(Multiple Choice)
4.8/5 (35)
(35) Correct Answer:Verified
VerifiedD
When a website is under investigation, before obtaining authorization to seize the systems it is necessary to:
Free
(Multiple Choice)
4.8/5 (32)
(32) Correct Answer:Verified
VerifiedA
Occasionally, an intrusion detection system may trigger an alarm caused by an innocent packet that coincidentally contains intrusion class characteristics. This type of alert is called:
(Multiple Choice)
4.9/5 (33)
(33) Although it was not designed with evidence collection in mind, can still be useful for examining network traffic.
(Multiple Choice)
4.9/5 (36)
(36) If you are investigating a homicide and, while executing a search warrant, you find a computer in the suspect's home that appears to contain child pornography, what would you do?
(Essay)
4.9/5 (31)
(31) A forensic image of a drive preserves which of the following?
(Multiple Choice)
4.9/5 (33)
(33) All forensic tools acquire digital evidence from storage media in the same way.
(True/False)
4.9/5 (32)
(32) Digital investigators should remember that evidence can reside in unexpected places, such as network routers.
(True/False)
4.8/5 (43)
(43) When drawing up an affidavit for a warrant, it is important to specifically mention all desired digital evidence.
(True/False)
5.0/5 (37)
(37) Chain of custody enables anyone to determine where a piece of evidence has been, who handled it when, and what was done to it since it was seized.
(True/False)
4.8/5 (33)
(33) Other than verifying the integrity of a file, how can the MD5 value of a file be useful?
(Essay)
4.9/5 (43)
(43) Issues to be aware of when connecting to a computer over a network and collecting information include:
(Multiple Choice)
4.9/5 (41)
(41) It is not necessary to sanitize/wipe a hard drive purchased directly from a manufacturer.
(True/False)
4.8/5 (37)
(37) When a computer contains digital evidence, it is always advisable to turn it off immediately.
(True/False)
4.9/5 (37)
(37) Which of the following are situations where a bitstream copy may not be viable?
(Multiple Choice)
4.8/5 (32)
(32) 
Filters
- Essay(6)
- Multiple Choice(14)
- Short Answer(0)
- True False(15)
- Matching(0)