Chat with AIExam 10: Virtual Machine and Cloud Forensics
Exam 1: Understanding the Digital Forensics Profession and Investigations50 Questions
Exam 2: The Investigators Office and Laboratory50 Questions
Exam 3: Data Acquisition50 Questions
Exam 4: Processing Crime and Incident Scenes50 Questions
Exam 5: Working With Windows and Cli Systems50 Questions
Exam 6: Current Computer Forensics Tools50 Questions
Exam 7: Macintosh and Linux Boot Processes and File Systems48 Questions
Exam 8: Recovering Graphics Files49 Questions
Exam 9: Computer Forensics Analysis and Validation50 Questions
Exam 10: Virtual Machine and Cloud Forensics50 Questions
Exam 11: Live Acquisitions and Network Forensics50 Questions
Exam 12: Email Investigations50 Questions
Exam 13: Cell Phone and Mobile Device Forensics49 Questions
Exam 14: Report Writing for High Tech Investigations50 Questions
Exam 15: Expert Testimony in High Tech Investigations50 Questions
Exam 16: Ethics for the Investigator and Expert Witness50 Questions
Select questions type
Type 2 hypervisors are typically loaded on servers or workstations with a lot of RAM and storage.
Free
(True/False)
4.8/5 
(36)
(36) Correct Answer:
Verified
VerifiedFalse
Define network forensics, and explain how network forensics can be used.
Free
(Essay)
4.8/5 (41)
(41) Correct Answer:Verified
VerifiedNetwork forensics is the process of collecting and analyzing raw network data and tracking network traffic systematically to ascertain how an attack was carried out or how an event occurred on a network. Being able to spot variations in network traffic can help you track intrusions, so knowing a network's typical patterns is important. Network forensics can also help you determine whether a network is truly under attack or a user has inadvertently installed an untested patch or custom program.
?Match the following terms with the correct definitions below:?
-Attacks launched before vendors or network administrators have discovered vulnerabilities and patches for them have been released.?
Free
(Multiple Choice)
4.9/5 (41)
(41) Correct Answer:Verified
VerifiedI
At what layers of the OSI model do most packet analyzers function?
(Multiple Choice)
4.8/5 (40)
(40) What virtual machine software supports all Windows and Linux OSs as well as Macintosh and Solaris, and is provided as shareware?
(Multiple Choice)
4.7/5 (23)
(23) The tcpdump and Wireshark utilities both use what well known packet capture format?
(Multiple Choice)
4.9/5 (44)
(44) Why are live acquisitions becoming a necessity, and why don't live acquisitions follow typical forensics procedures?
(Essay)
4.9/5 (38)
(38) ?Match the following terms with the correct definitions below:?
-The process of collecting and analyzing raw network data and systematically tracking network traffic to determine how security incidents occur.?
(Multiple Choice)
4.8/5 (36)
(36) The ___________________ utility from Sysinternals shows what files, Registry keys, and DLLs are loaded at a specific time.
(Short Answer)
4.7/5 (35)
(35) In VirtualBox, ____________ different types of virtual network adapters are possible, such as AMD and Intel Pro adapters.
(Multiple Choice)
5.0/5 (39)
(39) What utility is best suited to examine e-mail headers or chat logs, or network communication between worms and viruses?
(Multiple Choice)
4.8/5 (40)
(40) The _____________________ tool is an updated version of BackTrack, and contains more than 300 tools, such as password crackers, network sniffers, and freeware forensics tools.
(Multiple Choice)
5.0/5 (35)
(35) ?Match the following terms with the correct definitions below:?
-?The NSA's approach to implementing a layered network defense strategy. It focuses on three modes of protection: people, technology, and operations.
(Multiple Choice)
4.9/5 (31)
(31) Describe the defense in depth (DiD) strategy, and outline each of the three modes of protection.
(Essay)
4.8/5 (48)
(48) In a __________ attack, the attacker keeps asking your server to establish a connection, with the intent of overloading a server with established connections.
(Multiple Choice)
4.7/5 (31)
(31) The SANS Investigative Forensics Toolkit (SIFT) appliance can currently only be installed on what version of Ubuntu?
(Multiple Choice)
4.8/5 (31)
(31) Select below the option that is not a common type 1 hypervisor:
(Multiple Choice)
4.8/5 (33)
(33) 
Filters
- Essay(0)
- Multiple Choice(0)
- Short Answer(0)
- True False(0)
- Matching(0)