Chat with AIExam 6: Current Computer Forensics Tools
Exam 1: Understanding the Digital Forensics Profession and Investigations50 Questions
Exam 2: The Investigators Office and Laboratory50 Questions
Exam 3: Data Acquisition50 Questions
Exam 4: Processing Crime and Incident Scenes50 Questions
Exam 5: Working With Windows and Cli Systems50 Questions
Exam 6: Current Computer Forensics Tools50 Questions
Exam 7: Macintosh and Linux Boot Processes and File Systems48 Questions
Exam 8: Recovering Graphics Files49 Questions
Exam 9: Computer Forensics Analysis and Validation50 Questions
Exam 10: Virtual Machine and Cloud Forensics50 Questions
Exam 11: Live Acquisitions and Network Forensics50 Questions
Exam 12: Email Investigations50 Questions
Exam 13: Cell Phone and Mobile Device Forensics49 Questions
Exam 14: Report Writing for High Tech Investigations50 Questions
Exam 15: Expert Testimony in High Tech Investigations50 Questions
Exam 16: Ethics for the Investigator and Expert Witness50 Questions
Select questions type
Match each term with its definition:
-A hardware device or software program that prevents a computer from writing data to an evidence drive?
Free
(Multiple Choice)
4.8/5 
(34)
(34) Correct Answer:
Verified
VerifiedJ
_______________ proves that two sets of data are identical by calculating hash values or using another similar method.
Free
(Multiple Choice)
4.9/5 (46)
(46) Correct Answer:Verified
VerifiedD
What option below is an example of a platform specific encryption tool?
Free
(Multiple Choice)
4.8/5 (46)
(46) Correct Answer:Verified
VerifiedD
The _____________ utility is designed to be installed on Linux distributions, and can be used to analyze a variety of different file systems, while also offering the ability to use plugins.
(Short Answer)
4.8/5 (35)
(35) Match each term with its definition:
-An attack that uses a collection of words or phrases that might be passwords for an encrypted file.
(Multiple Choice)
5.0/5 (35)
(35) What hex value is the standard indicator for jpeg graphics files?
(Multiple Choice)
4.7/5 (30)
(30) Reconstructing fragments of files that have been deleted from a suspect drive, is known as ____________ in North America.
(Multiple Choice)
4.8/5 (38)
(38) Which of the following is stated within the ISO 27037 standard?
(Multiple Choice)
4.8/5 (34)
(34) Match each term with its definition:
-?The process of rebuilding data files; one of the required functions of digital forensics tools.
(Multiple Choice)
4.8/5 (38)
(38) What tool below was written for MS-DOS and was commonly used for manual digital investigations?
(Multiple Choice)
4.9/5 (34)
(34) A keyword search is part of the analysis process within what forensic function?
(Multiple Choice)
4.7/5 (32)
(32) __________ can be platform specific, such as BitLocker, or done with third-party tools, such as Pretty Good Privacy (PGP) and GNuPG
(Short Answer)
4.7/5 (34)
(34) Match each term with its definition:
-A way to confirm that a tool is functioning as intended; one of the functions of digital forensics tools.?
(Multiple Choice)
4.7/5 (38)
(38) Software forensics tools are grouped into command-line applications and GUI applications
(True/False)
4.7/5 (45)
(45) List three of the six subfunctions that exist under the reconstruction function.
(Essay)
4.8/5 (40)
(40) ISO standard 27037 states that the most important factors in data acquisition are the DEFR's competency and the use of validated tools.
(True/False)
4.9/5 (39)
(39) What two different options are available for write blockers, and how do these options work?
(Essay)
4.9/5 (38)
(38) 
Filters
- Essay(0)
- Multiple Choice(0)
- Short Answer(0)
- True False(0)
- Matching(0)