Computer security logs contain information about the events occurring within an organization's systems and networks. Which of the following security logs contains logs of network and host-based security software?
A. Application logs
B. Operating System (OS) logs
C. Security software logs
D. Audit logs
Correct answer: C
Question 2:
Which of the following email headers specifies an address for mailer-generated errors, like "no such user" bounce messages, to go to (instead of the sender's address)?
A. Mime-Version header
B. Content-Type header
C. Errors-To header
D. Content-Transfer-Encoding header
Correct answer: C
Question 3:
What is a bit-stream copy?
A. A bit-stream image is the file that contains the FAT32 files and folders of all the data on a disk or partition
B. Bit-Stream Copy is a bit-by-bit copy of the original storage medium and an exact copy of the original disk
C. Creating a bit-stream image transfers only non-deleted files from the original disk to the image disk
D. A bit-stream image is the file that contains the NTFS files and folders of all the data on a disk or partition
Correct answer: B
Question 4:
The Apache server saves diagnostic information and error messages that it encounters while processing requests. The default path of this file is usr/local/apache/logs/error.log in Linux. Identify the Apache error log from the following logs.
A. http://victim.com/scripts/..%c0%af./..%c0%af./..%c0%af./..%c0%af./..%c0%af./..%c0%af./..%c0%af ./..%c0%af./../winnt/system32/cmd.exe?/c+di r+c:\wintt\system32\Logfiles\W3SVC1
B. 127.0.0.1 - frank [10/Oct/2000:13:55:36-0700] "GET /apache_pb.grf HTTP/1.0" 200 2326
C. [Wed Oct 11 14:32:52 2000] [error] [client 127.0.0.1] client denied by server configuration: /export/home/live/ap/htdocs/test
D. 127.0.0.1 --[10/Apr/2007:10:39:11 +0300] ] [error] "GET /apache_pb.gif HTTP/1.0' 200 2326
Correct answer: C
Question 5:
Ever-changing advancement of mobile devices increases the complexity of mobile device examinations. Which of the following is an appropriate action for the mobile forensic investigation?
A. If the phone is in a cradle or connected to a PC with a cable, then unplug the device from the computer
B. Do not wear gloves while handling cell phone evidence to maintain integrity of physical evidence
C. To avoid unwanted interaction with devices found on the scene, turn on any wireless interfaces such as Bluetooth and Wi-Fi radios
D. If the device's display is ON, the screen's contents should be photographed and, if necessary, recorded manually, capturing the time, service status, battery level, and other displayed icons
Correct answer: D