Question 1

When conducting computer forensic analysis, you must guard against ______________ So that you remain focused on the primary job and insure that the level of work does not increase beyond what was originally expected.

Options :

A : Hard Drive Failure

B : Scope Creep

C : Unauthorized expenses

D : Overzealous marketing

Answer: B

Question 2

A breach resulted from a malware attack that evaded detection and compromised the machine memory without installing any software or accessing the hard drive. What technique did the adversaries use to deliver the attack?

Options :

A : Fileless

B : Trojan

C : JavaScript

D : Spyware

Answer: A

Question 3

Which of the following tools is used to dump the memory of a running process, either immediately or when an error condition occurs?

Options :

A : FATKit

B : Coreography

C : Belkasoft Live RAM Capturer

D : Cachelnf

Answer: C

Question 4

Harold is a web designer who has completed a website for ghttech.net. As part of the maintenance agreement

he signed with the client, Harold is performing research online and seeing how much exposure the site has

received so far. Harold navigates to google.com and types in the following search. link:www.ghttech.net What

will this search produce?

Options :

A :

All sites that ghttech.net links to

B :

All sites that link to ghttech.net

C :

All search engines that link to .net domains

D :

Sites that contain the code: link:www.ghttech.net

Answer: B

Question 5

A forensics investigator is searching the hard drive of a computer for files that were recently moved to the

Recycle Bin. He searches for files in C:\RECYCLED using a command line tool but does not find anything.

What is the reason for this?

Options :

A :

He should search in C:\Windows\System32\RECYCLED folder

B :

The Recycle Bin does not exist on the hard drive

C :

The files are hidden and he must use switch to view them

D :

Only FAT system contains RECYCLED folder and not NTFS

Answer: C