Question
Question 1 5 pts (TCO 4) What protocol does the ping command utilize? Group of answer choices TFTP SNMP ICMP All the above Flag this
Question 1
5 pts
(TCO 4) What protocol does the "ping" command utilize?
Group of answer choices
TFTP
SNMP
ICMP
All the above
Flag this Question
Question 2
5 pts
(TCO 7) Investigative reconstruction can be useful for which of the following?
Group of answer choices
Locating concealed evidence
Prioritizing the investigation of suspects
Presentation of evidence in a court of law
All the above
Flag this Question
Question 3
5 pts
(TCOs 1, 2, 4) Who is authorized to conduct online undercover investigations when child pornography is involved?
Group of answer choices
Journalists
Law enforcement
Anyone
All the above
Flag this Question
Question 4
5 pts
(TCO 4) When using wireshark, and you want to monitor LAN ping traffic, you need to monitor what protocol (ie ping www.devry.edu when on Devry's LAN)?
Group of answer choices
ARP
ICMP
DNS
All of the above
Flag this Question
Question 5
5 pts
(TCO 6) A honeypot could be defined as a(n)
Group of answer choices
early detection system.
packet level firewall.
border gateway router.
intrusion detection system.
Flag this Question
Question 6
5 pts
(TCO 8) Which of the following challenges about working with foreign agencies is true?
Group of answer choices
Time zones, currency fluctuations, and language barriers may impact investigators dealing with overseas colleagues.
Investigators may have language, cultural, and political barriers to overcome when dealing with overseas colleagues.
Investigators may have language and political barriers to overcome but foreign nations understand American law well enough to help them.
Currency fluctuations, religion, and cultural differences only impact investigators that deal with colleagues overseas.
Flag this Question
Question 7
10 pts
(TCO 4) TCP works on the _______ layer of the OSI model.
Group of answer choices
Layer 1 or Physical
Layer 2 or Data Link
Layer 3 or Network
Layer 4 or Transport
Flag this Question
Question 8
10 pts
(TCO 4) IEEE 802.11______ is the standard for wireless communication.
Group of answer choices
b
g
x
n
Flag this Question
Question 9
10 pts
(TCO 7) This type of reconstructive analysis deals with the chronological sequence of events.
Group of answer choices
Temporal
Functional
Relational
Digital Stratigraphy
Flag this Question
Question 10
10 pts
(TCO 7) ________ refers to the systematic process of piecing together evidence and information gathered during an investigation.
Group of answer choices
Investigation
Reconstruction
Sampling
Projection
Flag this Question
Question 11
10 pts
(TCO 2) The power of the "deep web" comes from ________ with vast amounts of stored information.
Group of answer choices
Hackers
Backend databases
NASA
Apple
Flag this Question
Question 12
10 pts
(TCO 2) A prime tool investigators can use is _______ to determine a suspect's network IP address.
Group of answer choices
ARIN
PSPICE
Packet Tracer
Syslog
Flag this Question
Question 13
10 pts
(CO 7) If you create chronological list of events to identify patterns and anomalies you are using which of the following techniques?
Group of answer choices
Temporal
Relational
Functional
All answers are correct
Flag this Question
Question 14
10 pts
(CO 7) Using a link analysis to reveal how a cyberstalker obtains information about his victims is an example of:
Group of answer choices
Temporal
Relational
Functional
All options are correct
Flag this Question
Question 15
10 pts
(CO 7) When choosing a reconstructive technique the best approach is to:
Group of answer choices
Pick one and hope it works
Pick one and stick with it until the end of the investigation
Link the three with modus operandi and other characteristics.
None of these options
Flag this Question
Question 16
10 pts
(CO 5) Wireshark is:
Group of answer choices
a long thin shark found in the tropics
a tool used to capture network intrusion
a packet capture program that can show every packet that passes through a device
A network cabling tool
Flag this Question
Question 17
10 pts
(CO 5) You think your system has been compromised. What tools can be used to assist in this search?
Group of answer choices
Dust for fingerprints
Check to see if your ip address has changed.
Check for altered or missing log files, check the registry for signs of intrusion, netstat, tasklist
Make note of it and see if it happens again
Flag this Question
Question 18
10 pts
(CO 5) Compare how you would approach a system on a network versus a mobile device when analyzing it.
Group of answer choices
There are only variations in mobile data and memory
There are technical, legal, and operational considerations, variations in mobile data, and memory.
There are only legal considerations
There are no differences they are basically the same.
Flag this Question
Question 19
10 pts
(TCO 2) You have a suspect's phone, how can you track down their contacts and locate where they are located?
Group of answer choices
Call each one of the numbers in the contacts list
A deep web search should be conducted, along with possible GPS location information, and possible app integration with other users
Call the last 10 numbers dialed
Track the last 10 incoming numbers
Flag this Question
Question 20
10 pts
(CO 1) You need to digitally track a suspect across international jurisdictional boundaries; how will you coordinate working with local, state, and federal agencies.
Group of answer choices
Recognize jurisdictional boundaries
Observe cooperation between agencies,
Acquire proper warrants, variances in laws, and different time zones.
All of these options
Flag this Question
Question 21
20 pts
(CO 3) Compare and contrast the MO of a cyberstalker and that of a con artist.
Group of answer choices
A con artist works face to face with an individual while a cyberstalker will use technology to gain a person's trust.
A cyberstalker works face to face with an individual while a con artist will use technology to gain a person's trust.
Both are exactly the same.
There is no way to determine the difference.
Flag this Question
Question 22
20 pts
(CO 10) You are a first responder that will go in with law enforcement to seize evidence at a crime scene. The scene contains various electronic devices, such as cell phones, iPods, digital cameras, and other similar devices. What actions do you need to follow to ensure your investigation will be effective?
Group of answer choices
Take crime scene photos
Seize all related peripherals, which includes batteries, power cords, SIM cards, manuals, cradles, interface cables etc;
Initiate the chain of custody form and protect the devices with antistatic bags.
All of these options
Flag this Question
Question 23
20 pts
(CO 9) A criminal might use which of the following areas to hide data on a hard drive?
Group of answer choices
Volume slack space
An open folder
A jar folder
POST
Flag this Question
Question 24
20 pts
(CO 4) What is the importance of a MAC address in forensic investigations in reference to wireless networks?
Group of answer choices
MAC filtering can be used to locate a device by AP on network.
It is really not helpful at all
MAC snooping is used to determine where a device is located.
None of these options
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started