Exam 7: Current Computer Forensics Tools


The ____________________ function is the most demanding of all tasks for computer investigators to master.

(Short Answer)

The ____ publishes articles, provides tools, and creates procedures for testing and validating computer forensics software.

(Multiple Choice)

Briefly explain the NIST general approach for testing computer forensics tools.

(Essay)

The primary hash algorithm used by the NSRL project is ____.

(Multiple Choice)

____ can be software or hardware and are used to protect evidence disks by preventing you from writing any data to the evidence disk.

(Multiple Choice)

Briefly explain the purpose of the NIST NSRL project.

(Essay)

To complete a forensic disk analysis and examination, you need to create a ____.

(Multiple Choice)

In software acquisition, there are three types of data-copying methods.

(True/False)

Match each item with a statement below: software-enabled write-blocker

(Multiple Choice)

In Windows 2000 and XP, the ____ command shows you the owner of a file if you have multiple users on the system or network.

(Multiple Choice)

Because there are a number of different versions of UNIX and Linux, these platforms are referred to as ____________________ platforms.

(Short Answer)

Computer forensics tools are divided into ____ major categories.

(Multiple Choice)

Explain the validation of evidence data process.

(Essay)

Match each item with a statement below: a direct copy of a disk drive

(Multiple Choice)

The first tools that analyzed and extracted data from floppy disks and hard disks were MS-DOS tools for ____ PC file systems.

(Multiple Choice)

The simplest method of duplicating a disk drive is using a tool that does a direct ____ copy from the original disk to the target disk.

(Multiple Choice)

The Windows application of EnCase requires a(n) ____________________ device, such as FastBloc, to prevent Windows from accessing and corrupting a suspect disk drive.

(Short Answer)

Raw data is a direct copy of a disk drive. An example of a raw image is output from the UNIX/Linux ____ command.

(Multiple Choice)

Illustrate how to consider hardware needs when planning your lab budget.

(Essay)

Describe some of the problems you may encounter if you decide to build your own forensics workstation.

(Essay)