質問 1:
At the time of evidence transfer, both sender and receiver need to give the information about date and time of transfer in the chain of custody record.
A. False
B. True
正解:B
質問 2:
P0P3 (Post Office Protocol 3) is a standard protocol for receiving email that deletes mail on the server as soon as the user downloads it. When a message arrives, the POP3 server appends it to the bottom of the recipient's account file, which can be retrieved by the email client at any preferred time. Email client connects to the POP3 server at _______________by default to fetch emails.
A. Port 110
B. Port 109
C. Port 123
D. Port 115
正解:A
質問 3:
In Windows 7 system files, which file reads the Boot.ini file and loads Ntoskrnl.exe. Bootvid.dll. Hal.dll, and boot-start device drivers?
A. Ntldr
B. Gdi32.dll
C. Boot.in
D. Kernel32.dll
正解:A
質問 4:
Data files from original evidence should be used for forensics analysis
A. False
B. True
正解:A
質問 5:
Network forensics can be defined as the sniffing, recording, acquisition and analysis of the network traffic and event logs in order to investigate a network security incident.
A. False
B. True
正解:B
質問 6:
Files stored in the Recycle Bin in its physical location are renamed as Dxy.ext, where, "X" represents the _________.
A. Drive name
B. Sequential number
C. Original file name
D. Original file name's extension
正解:A
質問 7:
Which of the following commands shows you the names of all open shared files on a server and number of file locks on each file?
A. Netconfig
B. Net sessions
C. Net file
D. Net share
正解:C
質問 8:
Which is not a part of environmental conditions of a forensics lab?
A. Open windows facing the public road
B. Good cooling system to overcome excess heat generated by the work station
C. Allocation of workstations as per the room dimensions
D. Large dimensions of the room
正解:A
質問 9:
Attackers can manipulate variables that reference files with "dot-dot-slash (./)" sequences and their variations such as http://www.juggyDoy.corn/GET/process.php./././././././././etc/passwd.
Identify the attack referred.
A. File injection
B. XSS attack
C. SQL Injection
D. Directory traversal
正解:D
At the time of evidence transfer, both sender and receiver need to give the information about date and time of transfer in the chain of custody record.
A. False
B. True
正解:B
質問 2:
P0P3 (Post Office Protocol 3) is a standard protocol for receiving email that deletes mail on the server as soon as the user downloads it. When a message arrives, the POP3 server appends it to the bottom of the recipient's account file, which can be retrieved by the email client at any preferred time. Email client connects to the POP3 server at _______________by default to fetch emails.
A. Port 110
B. Port 109
C. Port 123
D. Port 115
正解:A
質問 3:
In Windows 7 system files, which file reads the Boot.ini file and loads Ntoskrnl.exe. Bootvid.dll. Hal.dll, and boot-start device drivers?
A. Ntldr
B. Gdi32.dll
C. Boot.in
D. Kernel32.dll
正解:A
質問 4:
Data files from original evidence should be used for forensics analysis
A. False
B. True
正解:A
質問 5:
Network forensics can be defined as the sniffing, recording, acquisition and analysis of the network traffic and event logs in order to investigate a network security incident.
A. False
B. True
正解:B
質問 6:
Files stored in the Recycle Bin in its physical location are renamed as Dxy.ext, where, "X" represents the _________.
A. Drive name
B. Sequential number
C. Original file name
D. Original file name's extension
正解:A
質問 7:
Which of the following commands shows you the names of all open shared files on a server and number of file locks on each file?
A. Netconfig
B. Net sessions
C. Net file
D. Net share
正解:C
質問 8:
Which is not a part of environmental conditions of a forensics lab?
A. Open windows facing the public road
B. Good cooling system to overcome excess heat generated by the work station
C. Allocation of workstations as per the room dimensions
D. Large dimensions of the room
正解:A
質問 9:
Attackers can manipulate variables that reference files with "dot-dot-slash (./)" sequences and their variations such as http://www.juggyDoy.corn/GET/process.php./././././././././etc/passwd.
Identify the attack referred.
A. File injection
B. XSS attack
C. SQL Injection
D. Directory traversal
正解:D
0 お客様のコメント