DF MCQ 1
DF MCQ 1
DF MCQ 1
5. In the past, the method for expressing an opinion has been to frame a ____ question based on
available factual evidence.
A. Hypothetical
B. Nested
C. Challenging
D. Contradictory
Ans: A
6. More subtle because you are not aware that you are running these macros (the document opens
and the application automatically runs); spread via email
A. The purpose of copyright
B. Danger of macro viruses
C. Derivative works
D. computer-specific crime
Ans: B
7. There are three c's in computer forensics. Which is one of the three?
A. Control
B. Chance
C. Chains
D. Core
Ans: A
8. When Federal Bureau Investigation program was created?
A.1979
B.1984
C.1995
D.1989
Ans: B
15. In _______phase investigator transfers the relevant data from a venue out of physical or
administrative control of the investigator to a controlled location
A. Preservation phase
B. Survey phase
C. Documentation phase
D. Reconstruction phase
E. Presentation phase
Ans:B
16. In _______phase investigator transfers the relevant data from a venue out of physical or
administrative control of the investigator to a controlled location
F. Preservation phase
G. Survey phase
H. Documentation phase
I. Reconstruction phase
J. Presentation phase
Ans:B
18. A set of instruction compiled into a program that perform a particular task is known as:
A. Hardware.
B.CPU
C. Motherboard
D. Software
Ans: D
22. Which phase entails a review of the whole investigation and identifies area of improvement?
A. Physical crime investigation
B. Digital crime investigation.
C. Review phase.
D. Deployment phase
Ans: C
24. ___________is well established science where various contribution have been made
A. Forensic
B. Crime
C. Cyber Crime
D. Evidence
Ans: A
29. __________ is software that blocks unauthorized users from connecting to your computer.
A. Firewall
B. Quick lauch
C. OneLogin
D. Centrify
Ans: A
33. Which of following is a not unethical norm for Digital Forensics Investigation?
A. Uphold any relevant evidence.
B. Declare any confidential matters or knowledge.
C. Distort or falsify education, training, credentials.
D. To respect the privacy of others.
Ans: D
34. What is called as the process of creation a duplicate of digital media for purpose of
examining it?
A. Acquisition.
B. Steganography.
C. Live analysis
D. Hashing.
Ans: A
35. Which term refers for modifying a computer in a way which was not originally intended to
view Information?
A. Metadata
B. Live analysis
C. Hacking
D. Bit Copy
Ans: C
36. The ability to recover and read deleted or damaged files from a criminal’s computer is an
example of a law enforcement specialty called?
A. Robotics
B. Simulation
C. Computer Forensics
D. Animation
Ans: C
37. What are the important parts of the mobile device which used in Digital forensic?
A. SIM
B. RAM
C. ROM.
D.EMMC chip
Ans: D
38. Using what, data hiding in encrypted images be carried out in digital forensics?
A. Acquisition.
B. Steganography.
C. Live analysis
D. Hashing.
And: B
42. ________searches through raw data on a hard drive without using a file system.
A. Data mining
B. Data carving
C. Meta data
D. Data Spoofing.
Ans: B
43. What is first step to Handle Retrieving Data from an Encrypted Hard Drive?
A. Formatting disk
B. Storing data
C. Finding configuration files.
D. Deleting files.
Ans: C