MCQs > IT & Programming > Computer Science MCQs > Computer forensics MCQs

Computer forensics MCQ

Computer forensics

1. The __________________ is the version of pcap available for linux based operating systems.

Answer

Correct Answer: Libcap

Note: This Question is unanswered, help us to find answer for this one

2. Elements in a smartart graphic are grouped in ____.

Answer

Correct Answer: Levels

Note: This Question is unanswered, help us to find answer for this one

3. In microsoft exchange, a(n) ____ file is responsible for messages formatted with mapi.

Answer

Correct Answer: Edb

Note: This Question is unanswered, help us to find answer for this one

4. In facebook the ____ info simply tells you the last time a person logged on.

Answer

Correct Answer: Basic subscriber

Note: This Question is unanswered, help us to find answer for this one

5. In order to retrieve logs from exchange, the powershell cmdlet _______________________ can be used.

Answer

Correct Answer: GetTransactionLogStats.psl

Note: This Question is unanswered, help us to find answer for this one

6. A judge _____ accept(s) the challenges put forth by attorneys regarding jury selection.

Answer

Correct Answer: Sometimes

Note: This Question is unanswered, help us to find answer for this one

7. To complete a forensic disk analysis and examination, you need to create a ____.

Answer

Correct Answer: Report

Note: This Question is unanswered, help us to find answer for this one

8. Software forensics tools are commonly used to copy data from a suspects disk drive to a(n) ____.

Answer

Correct Answer: Image file

Note: This Question is unanswered, help us to find answer for this one

9. After the evidence has been presented in a trial by jury, the jury must deliver a(n) _______.

Answer

Correct Answer: Verdict

Note: This Question is unanswered, help us to find answer for this one

10. A ____ is a column of tracks on two or more disk platters.

Answer

Correct Answer: Cylinder

Note: This Question is unanswered, help us to find answer for this one

11. Details concerning the average age, sex, and income of a magazine's readership are known as _____.

Answer

Correct Answer: READER PROFILE

Note: This Question is unanswered, help us to find answer for this one

12. Families operate as a _____________ where members interact with one another to form a whole.

Answer

Correct Answer: System

Note: This Question is unanswered, help us to find answer for this one

13. The specificity of microcrystalline tests is ________ the specificity of color tests.

Answer

Correct Answer: Greater than

Note: This Question is unanswered, help us to find answer for this one

14. Cases of arson, assault, and murder of homosexuals __________ in the 1990s.

Answer

Correct Answer: Increased dramatically

Note: This Question is unanswered, help us to find answer for this one

15. Exchange logs information about changes to its data in a(n) ____ log.

Answer

Correct Answer: Transaction.

Note: This Question is unanswered, help us to find answer for this one

16. Some popular web-based e-mail service providers are gmail, ____, outlook online, and yahoo!

Answer

Correct Answer: Zoho

Note: This Question is unanswered, help us to find answer for this one

17. Winhex provides several hashing algorithms, such as md5 and ____.

Answer

Correct Answer: SHA-1

Note: This Question is unanswered, help us to find answer for this one

18. The ____ digital network, a faster version of gsm, is designed to deliver data.

Answer

Correct Answer: EDGE

Note: This Question is unanswered, help us to find answer for this one

19. Some e-mail systems store messages in flat plaintext files, known as a(n) ____ format.

Answer

Correct Answer: Mbox

Note: This Question is unanswered, help us to find answer for this one

20. If you cant open a graphics file in an image viewer, the next step is to examine the files ____.

Answer

Correct Answer: Header data

Note: This Question is unanswered, help us to find answer for this one

21. Candidates who complete the iacis test successfully are designated as a _______.

Answer

Correct Answer: Certified Forensic Computer Examiner (CFCE)

Note: This Question is unanswered, help us to find answer for this one

22. ____ alters hash values, which makes cracking passwords more difficult.

Answer

Correct Answer: Salting passwords

Note: This Question is unanswered, help us to find answer for this one

23. Analog footage can be digitized using video _____ equipment.

Answer

Correct Answer: Capture

Note: This Question is unanswered, help us to find answer for this one

24. To view e-mail headers on yahoo! click the ____ list arrow, and click view raw message.

Answer

Correct Answer: More

Note: This Question is unanswered, help us to find answer for this one

25. The most important laws applying to attorneys and witnesses are the ____.

Answer

Correct Answer: Professional ethics

Note: This Question is unanswered, help us to find answer for this one

26. The ______________ imaging tool produces three proprietary formats: idif, irbf, and ieif.

Answer

Correct Answer: IXimager

Note: This Question is unanswered, help us to find answer for this one

27. The _____________ format is a proprietary format used by adobe photoshop.

Answer

Correct Answer: Psd

Note: This Question is unanswered, help us to find answer for this one

28. A _______ is not a private sector organization.

Answer

Correct Answer: Hospital

Note: This Question is unanswered, help us to find answer for this one

29. A ____ differs from a trial testimony because there is no jury or judge.

Answer

Correct Answer: Deposition

Note: This Question is unanswered, help us to find answer for this one

30. Fre ____ describes whether the expert is qualified and whether the expert opinion can be helpful.

Answer

Correct Answer: 702

Note: This Question is unanswered, help us to find answer for this one

31. Within windows vista and later, partition gaps are _____________ bytes in length.

Answer

Correct Answer: ​128

Note: This Question is unanswered, help us to find answer for this one

32. When cases go to trial, you as a forensics examiner can play one of ____ roles.

Answer

Correct Answer: 2

Note: This Question is unanswered, help us to find answer for this one

33. Validate your tools and verify your evidence with ____ to ensure its integrity.

Answer

Correct Answer: Hashing algorithms

Note: This Question is unanswered, help us to find answer for this one

34. The term for detecting and analyzing steganography files is _________________.

Answer

Correct Answer: Steganalysis

Note: This Question is unanswered, help us to find answer for this one

35. The prodiscover utility makes use of the proprietary _______________ file format.

Answer

Correct Answer: Eve.

Note: This Question is unanswered, help us to find answer for this one

36. The lempel-ziv-welch (lzw) algorithm is used in _____________ compression.

Answer

Correct Answer: FFD9

Note: This Question is unanswered, help us to find answer for this one

37. The _______________ format is an image format produced by the nuance paperport scanning program.

Answer

Correct Answer: .xif

Note: This Question is unanswered, help us to find answer for this one

38. The _______ is not one of the three stages of a typical criminal case.

Answer

Correct Answer: Civil suit

Note: This Question is unanswered, help us to find answer for this one

39. The _______ command was developed by nicholas harbour of the defense computer forensics laboratory.

Answer

Correct Answer: Dcfldd

Note: This Question is unanswered, help us to find answer for this one

40. The ____ is the most important part of testimony at a trial.

Answer

Correct Answer: Direct examination

Note: This Question is unanswered, help us to find answer for this one

41. Signed into law in 1973, the _______ was/were created to ensure consistency in federal proceedings.

Answer

Correct Answer: ​Federal Rules of Evidence

Note: This Question is unanswered, help us to find answer for this one

42. One of the most noteworthy e-mail scams was 419, otherwise known as the _______________.

Answer

Correct Answer: Nigerian Scam

Note: This Question is unanswered, help us to find answer for this one

43. In a prefetch file, the application's last access date and time are at offset ____.

Answer

Correct Answer: 0x88

Note: This Question is unanswered, help us to find answer for this one

44. If practical, _______ team(s) should collect and catalog digital evidence at a crime scene or lab.

Answer

Correct Answer: One

Note: This Question is unanswered, help us to find answer for this one

45. If a microphone is present during your testimony, place it ____ to eight inches from you.

Answer

Correct Answer: 6

Note: This Question is unanswered, help us to find answer for this one

46. How you format _____________ is less important than being consistent in applying formatting.

Answer

Correct Answer: Text

Note: This Question is unanswered, help us to find answer for this one

47. For exif jpeg files, the hexadecimal value starting at offset 2 is _____________.

Answer

Correct Answer: FFE1

Note: This Question is unanswered, help us to find answer for this one

48. Ext4f can support disk partitions as large as ____ tb.

Answer

Correct Answer: 16

Note: This Question is unanswered, help us to find answer for this one

49. Criminal law deals with harm to __________, whereas civil law involves harm to __________.

Answer

Correct Answer: Society; individuals

Note: This Question is unanswered, help us to find answer for this one

50. Blu-ray discs are the successor to the dvd and store up to __________ per layer.

Answer

Correct Answer: 25 GB

Note: This Question is unanswered, help us to find answer for this one

51. Autopsy uses ____ to validate an image.

Answer

Correct Answer: MD5

Note: This Question is unanswered, help us to find answer for this one

52. An evidence custody form does not usually contain _______.

Answer

Correct Answer: A witness list

Note: This Question is unanswered, help us to find answer for this one

53. A(n) _______________ acts as an evidence locker or safe to preserve the integrity of evidence.

Answer

Correct Answer: Secure Facility.

Note: This Question is unanswered, help us to find answer for this one

54. ____, or mirrored striping with parity, is a combination of raid 1 and raid 5.

Answer

Correct Answer: RAID 15

Note: This Question is unanswered, help us to find answer for this one

55. _______ is not recommended for a digital forensics workstation.

Answer

Correct Answer: Remote access software

Note: This Question is unanswered, help us to find answer for this one

56. _______ is not one of the functions of the investigations triad.

Answer

Correct Answer: Data recovery

Note: This Question is unanswered, help us to find answer for this one

57. _______ describes an accusation of fact that a crime has been committed.

Answer

Correct Answer: Allegation

Note: This Question is unanswered, help us to find answer for this one

58. _______ can be used with the dcfldd command to compare an image file to the original medium.

Answer

Correct Answer: Vf

Note: This Question is unanswered, help us to find answer for this one

59. Current distributions of linux include two hashing algorithm utilities: md5sum and ____.

Answer

Correct Answer: Shasum

Note: This Question is unanswered, help us to find answer for this one

60. Fre ____ describes whether basis for the testimony is adequate.

Answer

Correct Answer: 703

Note: This Question is unanswered, help us to find answer for this one

61. Forensics tools such as ____ can retrieve deleted files for use as evidence.

Answer

Correct Answer: ProDiscover Basic

Note: This Question is unanswered, help us to find answer for this one

62. One technique for extracting evidence from large systems is called ____.

Answer

Correct Answer: Sparse acquisition

Note: This Question is unanswered, help us to find answer for this one

63. Generally, digital records are considered admissible if they qualify as a ____ record.

Answer

Correct Answer: Business

Note: This Question is unanswered, help us to find answer for this one

64. _______ is a common cause for lost or corrupted evidence.

Answer

Correct Answer: Professional curiosity

Note: This Question is unanswered, help us to find answer for this one

65. There are two types of depositions: ____ and testimony preservation.

Answer

Correct Answer: Discovery

Note: This Question is unanswered, help us to find answer for this one

66. Computer forensics examiners have two roles: fact witness and ____ witness.

Answer

Correct Answer: Expert

Note: This Question is unanswered, help us to find answer for this one

67. Addresses that allow the mft to link to nonresident files are known as _______________.

Answer

Correct Answer: Logical cluster numbers

Note: This Question is unanswered, help us to find answer for this one

68. A(n) ____ is a person using a computer to perform routine tasks other than systems administration.

Answer

Correct Answer: End user

Note: This Question is unanswered, help us to find answer for this one

69. _______ is the utility used by the prodiscover program for remote access.

Answer

Correct Answer: PDServer

Note: This Question is unanswered, help us to find answer for this one

70. _______ does not recover data in free or slack space.

Answer

Correct Answer: Sparse acquisition

Note: This Question is unanswered, help us to find answer for this one

71. ____ is a written list of objections to certain testimony or exhibits.

Answer

Correct Answer: Motion in limine

Note: This Question is unanswered, help us to find answer for this one

72. Courts consider evidence data in a computer as ____ evidence.

Answer

Correct Answer: Physical

Note: This Question is unanswered, help us to find answer for this one

73. ____ is a core win32 subsystem dll file.

Answer

Correct Answer: User32.sys

Note: This Question is unanswered, help us to find answer for this one

74. The simplest way to access a file header is to use a(n) ____ editor

Answer

Correct Answer: Hexadecimal

Note: This Question is unanswered, help us to find answer for this one

75. The physical data copy subfunction exists under the ______________ function.

Answer

Correct Answer: Acquisition

Note: This Question is unanswered, help us to find answer for this one

76. Most users rely on ____ for finding, viewing, and managing information on their computers.

Answer

Correct Answer: Folder windows

Note: This Question is unanswered, help us to find answer for this one

77. Compared to todays computers, computers from the 1970s were ________

Answer

Correct Answer: Bigger and less powerful

Note: This Question is unanswered, help us to find answer for this one

78. ____ is a session data probe, collector, and analysis tool.

Answer

Correct Answer: Argus

Note: This Question is unanswered, help us to find answer for this one

79. The ____ is where directories and files are stored on a disk drive.

Answer

Correct Answer: Data block

Note: This Question is unanswered, help us to find answer for this one

80. The linux command _____ can be used to write bit-stream data to files.

Answer

Correct Answer: DD

Note: This Question is unanswered, help us to find answer for this one

81. Using steganography to hide a message inside a larger message is known as __________.

Answer

Correct Answer: Data transformation

Note: This Question is unanswered, help us to find answer for this one

82. Attorneys search ____ for information on expert witnesses.

Answer

Correct Answer: Deposition banks

Note: This Question is unanswered, help us to find answer for this one

83. Passwords are typically stored as one-way _____________ rather than in plaintext.

Answer

Correct Answer: Variables

Note: This Question is unanswered, help us to find answer for this one

84. Hard drives that run __________ address blocks, or integer multiples of blocks, at a time.

Answer

Correct Answer: Linux

Note: This Question is unanswered, help us to find answer for this one

85. Getting a hash value with a ____ is much faster and easier than with a(n) ____.

Answer

Correct Answer: Hexadecimal editor, computer forensics tool

Note: This Question is unanswered, help us to find answer for this one

86. Confidential business data included with the criminal evidence are referred to as ____ data.

Answer

Correct Answer: Commingled

Note: This Question is unanswered, help us to find answer for this one

87. _______ would not be found in an initial-response field kit.

Answer

Correct Answer: Leather gloves and disposable latex gloves

Note: This Question is unanswered, help us to find answer for this one

88. _______ describes the characteristics of a safe storage container.

Answer

Correct Answer: NISPOM

Note: This Question is unanswered, help us to find answer for this one

Computer Science MCQs | Topic-wise

MCQ on Computer Concepts MCQ on Computer Essentials
MCQ on Computer Graphics MCQ on Computer Literacy
MCQ on Computer forensics MCQ on Data Storage
MCQ on Input and Output Devices MCQ on Memory Devices
MCQ on Operating Systems MCQ on Programming skill
General Computer Science MCQs
Buy us a coffee
search
Buy us a coffee
Computer Science Subjects
Introduction to computer MCQs
Operating Systems MCQs
Programming skill MCQs
Computer Graphics MCQs
Information System and Security MCQs
Computer Literacy MCQs
Computer Essentials MCQs
Computer Viruses MCQs
Flowcharts MCQs
Data Storage MCQs
Input and Output Devices MCQs
Central Processing Unit (CPU) MCQs
User Support MCQs
Hard Drive MCQs
Memory Devices MCQs
Computer Concepts MCQs
Virtual Computer MCQs
Internet Research MCQs
Internet Protocol MCQs
Web Site & Design MCQs
Basic Computer Science MCQs
More Resources
Computer Science MCQ
Computer Science Skill Assessment
Computer Science PDF
Related MCQs
Core Java MCQs
CSS MCQs
CSS 3 MCQs
Cyber Security MCQs
Data Mining MCQs
Logo

Join our newsletter for the latest updates.

play store app store
Coming Soon

Our Products

Skill Assessment
Categories
MCQs
PDFs
Buy us a coffee

Company

About
Advertising
Privacy Policy
Terms & Conditions
Sitemap
Contact
Blog
Back to top back to top
Logo
play store app store
Coming Soon
Buy us a coffee

© Copyrights 2025 Quizack.com