While working for a prosecutor, what do you think you should do if the evidence you found appears to be exculpatory and is not being released to the defense?
As a CHFI professional, which of the following is the most important to your professional reputation?
What happens when a file is deleted by a Microsoft operating system using the FAT file system?
James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the broadcast address of his network. What type of DoS attack is James testing against his network?
During the course of an investigation, you locate evidence that may prove the innocence of the suspect of the investigation. You must maintain an unbiased opinion and be objective in your entire fact finding process. Therefore, you report this evidence. This type of evidence is known as:
When investigating a Windows System, it is important to view the contents of the page or swap file because:
The ____________________ refers to handing over the results of private investigations to the authorities because of indications of criminal activity.
In the context of file deletion process, which of the following statement holds true?
You are working as an independent computer forensics investigator and received a call from a systems administrator for a local school system requesting your assistance. One of the students at the local high school is suspected of downloading inappropriate images from the Internet to a PC in the Computer lab. When you arrive at the school, the systems administrator hands you a hard drive and tells you that he made a “simple backup copy” of the hard drive in the PC and put it on this drive and requests that you examine that drive for evidence of the suspected images. You inform him that a “simple backup copy” will not provide deleted files or recover file fragments.
What type of copy do you need to make to ensure that the evidence found is complete and admissible in future proceeding?
When examining the log files from a Windows IIS Web Server, how often is a new log file created?
When examining a hard disk without a write-blocker, you should not start windows because Windows will write data to the:
After undergoing an external IT audit, George realizes his network is vulnerable to DDoS attacks.
What countermeasures could he take to prevent DDoS attacks?
You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses. You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same. What type of virus is this that you are testing?
PDF + Testing Engine |
---|
$66 |
Testing Engine |
---|
$50 |
PDF (Q&A) |
---|
$42 |
ECCouncil Free Exams |
---|
|