What type of attack occurs when an attacker can force a router to stop forwarding packets by
flooding the router with many open connections simultaneously so that all the hosts behind the
router are effectively disabled?
B
When examining a file with a Hex Editor, what space does the file header occupy?
D
In the context of the file deletion process, which of the following statements holds true?
C
A suspect is accused of violating the acceptable use of computing resources, as he has visited adult
websites and downloaded images. The investigator wants to demonstrate that the suspect did
indeed visit these sites. However, the suspect has cleared the search history and emptied the cookie
cache. Moreover, he has removed any images he might have downloaded. What can the investigator
do to prove the violation?
A
A(n) _____________________ is one that's performed by a computer program rather than the
attacker manually performing the steps in the attack sequence.
B
The offset in a hexadecimal code is:
B
It takes _____________ mismanaged case/s to ruin your professional reputation as a computer
forensics examiner.
C
With the standard Linux second extended file system (Ext2fs), a file is deleted when the inode
internal link count reaches ________.
A
When examining the log files from a Windows IIS Web Server, how often is a new log file created?
A
Which part of the Windows Registry contains the user's password file?
A
An employee is attempting to wipe out data stored on a couple of compact discs (CDs) and digital
video discs (DVDs) by using a large magnet. You inform him that this method will not be effective in
wiping out the data because CDs and DVDs are ______________ media used to store large amounts
of data and are not affected by the magnet.
D
Lance wants to place a honeypot on his network. Which of the following would be your
recommendations?
D
What does the acronym POST mean as it relates to a PC?
B
Which legal document allows law enforcement to search an office, place of business, or other locale
for evidence relating to an alleged crime?
D
You are working as an investigator for a corporation and you have just received instructions from
your manager to assist in the collection of 15 hard drives that are part of an ongoing investigation.
Your job is to complete the required evidence custody forms to properly document each piece of
evidence as it is collected by other members of your team. Your manager instructs you to complete
one multi-evidence form for the entire case and a single-evidence form for each hard drive. How will
these forms be stored to help preserve the chain of custody of the case?
B