Forensic
Forensic
Forensic
1 Digital forensics
Introduction to digital forensic, History of forensic, Rules of digital forensic, Definition of digital forensic, Digital
forensics investigation and its goal
3.2 Models of Digital Forensic Investigation
Road map for Digital Forensic Research (RMDFR) Investigative Model
Abstract Digital Forensics Model (ADFM)
Integrated Digital Investigation Process (IDIP)
End to End digital investigation process (EEDIP)
An extended model for cybercrime investigation
UML modeling of digital forensic process model (UMDFPM)
3.3 Ethical issues in digital forensic
General ethical norms for investigators, Unethical norms for investigation
5. In the past, the method for expressing an opinion has been to frame a question based on
available factual evidence.
A.Hypothetical
B. Nested
C. Challenging
D. Contradictory
Page 1 of
6. More subtle because you are not aware that you are running these macros (the document opens and
the application automatically runs); spread via email
A. The purpose of the copyright
B.The danger of macro viruses
C. Derivative works
D. computer-specific crime
7. There are three c's in computer forensics. Which is one of the three?
A.Control
B. Chance
C. Chains
D. Core
Page 2 of
14. phase includes putting the pieces of a digital puzzle together and developing investigative hypotheses
A. Preservation phase
B. Survey phase
C. Documentation phase
D. Reconstruction phase
E. Presentation phase
Page 3 of
15. In phase investigator transfers the relevant data from a venue out of physical or administrative control of
the investigator to a controlled location
A. Preservation phase
B.Survey phase
C. Documentation phase
D. Reconstruction phase
E. Presentation phase
16. In phase investigator transfers the relevant data from a venue out of physical or administrative control of
the investigator to a controlled location
A. Preservation phase
B.Survey phase
C. Documentation phase
D. Reconstruction phase
E. Presentation phase
18. A set of instruction compiled into a program that perform a particular task is known as:
A. Ha
rdware.
B.CPU
C. Motherboard
D. Software
20. To collect and analyze the digital evidence that was obtained from the physical investigation phase, is the goal of
which phase?
A. Physical crime investigation
B.Digital crime investigation.
C. Review phase.
D. Deployment phase.
21. To provide a mechanism to an incident to be detected and confirmed is purpose of which phase?
A. Physical crime investigation
B. Digital crime investigation.
C. Review phase.
D. Deployment phase.
22. Which phase entails a review of the whole investigation and identifies an area of improvement?
A. Physical crime investigation
B. Digital crime investigation.
C. Review phase.
D. Deployment phase
29. is software that blocks unauthorized users from connecting to your computer.
A. Firewall
B. Quick launch
C. OneLogin
D. Centrify
30. Which of the following are general Ethical norms for Investigator?
A. To contribute to society and human beings.
B. To avoid harm to others.
C. To be honest and trustworthy. D. All of the above
E. None of the above
31. Which of the following are Unethical norms for Investigator?
A. Uphold any relevant evidence.
B. Declare any confidential matters or knowledge.
C. Distort or falsify education, training, credentials.
D. All of the above
E. None of the above
32. Which of the following is not a general ethical norm for Investigator?
A. To contribute to society and human beings.
B. Uphold any relevant Evidence.
C. To be honest and trustworthy. D. To honor confidentially.
33. Which of the following is a not unethical norm for Digital Forensics Investigation?
A. Uphold any relevant evidence.
B. Declare any confidential matters or knowledge.
C. Distort or falsify education, training, credentials.
D. To respect the privacy of others.
Page 5 of
34. What is called as the process of creation a duplicate of digital media for purpose of examining it?
A. Acquisition.
B. Steganography.
C. Live analysis
D. Hashing.
Page 6 of
35. Which term refers to modifying a computer in a way which was not originally intended to
view Information?
A. Metadata
B. Live analysis
C. Hacking
D. Bit Copy
36. The ability to recover and read deleted or damaged files from a criminal’s computer
is an example of a law enforcement specialty called?
A. Robotics
B. Simulation
C. Computer Forensics
D. Animation
37. What are the important parts of the mobile device which used in Digital forensic?
A. SIM
B. RAM
C. ROM.
D. EMMC chip
38. Using what, data hiding in encrypted images be carried out in digital forensics?
A. Acquisition.
B.Steganography.
C. Live analysis
D. Hashing.
41. is the process of recording as much data as possible to create reports and analysis on
user input.
A. Data mining
B. Data carving
C. Metadata
D. Data Spoofing.
42. searches through raw data on a hard drive without using a file system.
A. Data mining
B.Data carving
C. Metadata
D. Data Spoofing.
43. What is the first step to Handle Retrieving Data from an Encrypted Hard Drive?
A. Formatting disk
B. Storing data
C. Finding configuration files.
D. Deleting Files