Question 1

5 pts

(TCO 4) What protocol does the "ping" command utilize?

Group of answer choices

TFTP

SNMP

ICMP

All the above

Flag this Question

Question 2

5 pts

(TCO 7) Investigative reconstruction can be useful for which of the following?

Group of answer choices

Locating concealed evidence

Prioritizing the investigation of suspects

Presentation of evidence in a court of law

All the above

Flag this Question

Question 3

5 pts

(TCOs 1, 2, 4) Who is authorized to conduct online undercover investigations when child pornography is involved?

Group of answer choices

Journalists

Law enforcement

Anyone

All the above

Flag this Question

Question 4

5 pts

(TCO 4) When using wireshark, and you want to monitor LAN ping traffic, you need to monitor what protocol (ie ping www.devry.edu when on Devry's LAN)?

Group of answer choices

ARP

ICMP

DNS

All of the above

Flag this Question

Question 5

5 pts

(TCO 6) A honeypot could be defined as a(n)

Group of answer choices

early detection system.

packet level firewall.

border gateway router.

intrusion detection system.

Flag this Question

Question 6

5 pts

(TCO 8) Which of the following challenges about working with foreign agencies is true?

Group of answer choices

Time zones, currency fluctuations, and language barriers may impact investigators dealing with overseas colleagues.

Investigators may have language, cultural, and political barriers to overcome when dealing with overseas colleagues.

Investigators may have language and political barriers to overcome but foreign nations understand American law well enough to help them.

Currency fluctuations, religion, and cultural differences only impact investigators that deal with colleagues overseas.

Flag this Question

Question 7

10 pts

(TCO 4) TCP works on the _______ layer of the OSI model.

Group of answer choices

Layer 1 or Physical

Layer 2 or Data Link

Layer 3 or Network

Layer 4 or Transport

Flag this Question

Question 8

10 pts

(TCO 4) IEEE 802.11______ is the standard for wireless communication.

Group of answer choices

b

g

x

n

Flag this Question

Question 9

10 pts

(TCO 7) This type of reconstructive analysis deals with the chronological sequence of events.

Group of answer choices

Temporal

Functional

Relational

Digital Stratigraphy

Flag this Question

Question 10

10 pts

(TCO 7) ________ refers to the systematic process of piecing together evidence and information gathered during an investigation.

Group of answer choices

Investigation

Reconstruction

Sampling

Projection

Flag this Question

Question 11

10 pts

(TCO 2) The power of the "deep web" comes from ________ with vast amounts of stored information.

Group of answer choices

Hackers

Backend databases

NASA

Apple

Flag this Question

Question 12

10 pts

(TCO 2) A prime tool investigators can use is _______ to determine a suspect's network IP address.

Group of answer choices

ARIN

PSPICE

Packet Tracer

Syslog

Flag this Question

Question 13

10 pts

(CO 7) If you create chronological list of events to identify patterns and anomalies you are using which of the following techniques?

Group of answer choices

Temporal

Relational

Functional

All answers are correct

Flag this Question

Question 14

10 pts

(CO 7) Using a link analysis to reveal how a cyberstalker obtains information about his victims is an example of:

Group of answer choices

Temporal

Relational

Functional

All options are correct

Flag this Question

Question 15

10 pts

(CO 7) When choosing a reconstructive technique the best approach is to:

Group of answer choices

Pick one and hope it works

Pick one and stick with it until the end of the investigation

Link the three with modus operandi and other characteristics.

None of these options

Flag this Question

Question 16

10 pts

(CO 5) Wireshark is:

Group of answer choices

a long thin shark found in the tropics

a tool used to capture network intrusion

a packet capture program that can show every packet that passes through a device

A network cabling tool

Flag this Question

Question 17

10 pts

(CO 5) You think your system has been compromised. What tools can be used to assist in this search?

Group of answer choices

Dust for fingerprints

Check to see if your ip address has changed.

Check for altered or missing log files, check the registry for signs of intrusion, netstat, tasklist

Make note of it and see if it happens again

Flag this Question

Question 18

10 pts

(CO 5) Compare how you would approach a system on a network versus a mobile device when analyzing it.

Group of answer choices

There are only variations in mobile data and memory

There are technical, legal, and operational considerations, variations in mobile data, and memory.

There are only legal considerations

There are no differences they are basically the same.

Flag this Question

Question 19

10 pts

(TCO 2) You have a suspect's phone, how can you track down their contacts and locate where they are located?

Group of answer choices

Call each one of the numbers in the contacts list

A deep web search should be conducted, along with possible GPS location information, and possible app integration with other users

Call the last 10 numbers dialed

Track the last 10 incoming numbers

Flag this Question

Question 20

10 pts

(CO 1) You need to digitally track a suspect across international jurisdictional boundaries; how will you coordinate working with local, state, and federal agencies.

Group of answer choices

Recognize jurisdictional boundaries

Observe cooperation between agencies,

Acquire proper warrants, variances in laws, and different time zones.

All of these options

Flag this Question

Question 21

20 pts

(CO 3) Compare and contrast the MO of a cyberstalker and that of a con artist.

Group of answer choices

A con artist works face to face with an individual while a cyberstalker will use technology to gain a person's trust.

A cyberstalker works face to face with an individual while a con artist will use technology to gain a person's trust.

Both are exactly the same.

There is no way to determine the difference.

Flag this Question

Question 22

20 pts

(CO 10) You are a first responder that will go in with law enforcement to seize evidence at a crime scene. The scene contains various electronic devices, such as cell phones, iPods, digital cameras, and other similar devices. What actions do you need to follow to ensure your investigation will be effective?

Group of answer choices

Take crime scene photos

Seize all related peripherals, which includes batteries, power cords, SIM cards, manuals, cradles, interface cables etc;

Initiate the chain of custody form and protect the devices with antistatic bags.

All of these options

Flag this Question

Question 23

20 pts

(CO 9) A criminal might use which of the following areas to hide data on a hard drive?

Group of answer choices

Volume slack space

An open folder

A jar folder

POST

Flag this Question

Question 24

20 pts

(CO 4) What is the importance of a MAC address in forensic investigations in reference to wireless networks?

Group of answer choices

MAC filtering can be used to locate a device by AP on network.

It is really not helpful at all

MAC snooping is used to determine where a device is located.

None of these options