Chapter 6-13 multiple choice
Help!
|
|
||||
|---|---|---|---|---|---|
| show | true
🗑
|
||||
| show | cylinder
🗑
|
||||
| show | ZBR
🗑
|
||||
| ____ is the file structure database that Microsoft originally designed for floppy disks. | show 🗑
|
||||
| ____ was introduced when Microsoft created Windows NT and is the primary file system for Windows Vista | show 🗑
|
||||
| show | MFT
🗑
|
||||
| show | metadata
🗑
|
||||
| show | 1024
🗑
|
||||
| The file or folder’s MFT record provides cluster addresses where the file is stored on the drive’s partition. These cluster addresses are referred to as ____. | show 🗑
|
||||
| When Microsoft introduced Windows 2000, it added built-in encryption to NTFS called ____. | show 🗑
|
||||
| The purpose of the ____ is to provide a mechanism for recovering encrypted files under EFS if there’s a problem with the user’s original private key. | show 🗑
|
||||
| show | Registry
🗑
|
||||
| ____ is a 16-bit real-mode program that queries the system for device and configuration data, and then passes its findings to NTLDR. | show 🗑
|
||||
| show | NTBootdd.sys
🗑
|
||||
| ____ contain instructions for the OS for hardware devices, such as the keyboard, mouse, and video card, and are stored in the %system-root%\Windows\System32\Drivers folder. | show 🗑
|
||||
| show | Msdos.sys
🗑
|
||||
| show | Command.com
🗑
|
||||
| show | Config.sys
🗑
|
||||
| ____ is a batch file containing customized settings for MS-DOS that runs automatically. | show 🗑
|
||||
| show | virtual machine
🗑
|
||||
| In software acquisition, there are three types of data-copying methods. | show 🗑
|
||||
| show | true
🗑
|
||||
| show | false
🗑
|
||||
| show | true
🗑
|
||||
| show | 2
🗑
|
||||
| Software forensics tools are commonly used to copy data from a suspect’s disk drive to a(n) ____. | show 🗑
|
||||
| show | ms-dos
🗑
|
||||
| show | dd
🗑
|
||||
| show | Discrimination
🗑
|
||||
| show | password dictionary
🗑
|
||||
| The simplest method of duplicating a disk drive is using a tool that does a direct ____ copy from the original disk to the target disk. | show 🗑
|
||||
| show | report
🗑
|
||||
| show | IBM
🗑
|
||||
| show | Dir
🗑
|
||||
| show | 3
🗑
|
||||
| A forensics workstation consisting of a laptop computer with a built-in LCD monitor and almost as many bays and peripherals as a stationary workstation is also known as a ____. | show 🗑
|
||||
| ____ is a simple drive-imaging station. | show 🗑
|
||||
| show | Write-blockers
🗑
|
||||
| Many vendors have developed write-blocking devices that connect to a computer through FireWire,____ 2.0,and SCSI controllers. | show 🗑
|
||||
| show | NIST
🗑
|
||||
| The standards document, ____, demands accuracy for all aspects of the testing process, meaning that the results must be repeatable and reproducible. | show 🗑
|
||||
| The NIST project that has as a goal to collect all known hash values for commercial software applications and OS files is ____. | show 🗑
|
||||
| The primary hash algorithm used by the NSRL project is ____. | show 🗑
|
||||
| show | disk editor
🗑
|
||||
| Although a disk editor gives you the most flexibility in ____, it might not be capable of examining a ____ file’s contents | show 🗑
|
||||
| Macintosh OS X is built on a core called ____. | show 🗑
|
||||
| In older Mac OSs, a file consists of two parts: a data fork, where data is stored, and a ____ fork, where file metadata and application information are stored. | show 🗑
|
||||
| The maximum number of allocation blocks per volume that File Manager can access on a Mac OS system is ____. | show 🗑
|
||||
| On older Macintosh OSs all information about the volume is stored in the ____. | show 🗑
|
||||
| show | Volume Bitmap
🗑
|
||||
| show | extents overflow file
🗑
|
||||
| show | GPL
🗑
|
||||
| show | Ext2fs
🗑
|
||||
| show | 4
🗑
|
||||
| show | inodes
🗑
|
||||
| show | 0
🗑
|
||||
| ____ components define the file system on UNIX. | show 🗑
|
||||
| The final component in the UNIX and Linux file system is a(n) ____, which is where directories and files are stored on a disk drive. | show 🗑
|
||||
| LILO uses a configuration file named ____ located in the /Etc directory. | show 🗑
|
||||
| Erich Boleyn created GRUB in ____ to deal with multiboot processes and a variety of OSs. | show 🗑
|
||||
| show | /dev/hda1
🗑
|
||||
| show | 99
🗑
|
||||
| The ____ provides several software drivers that allow communication between the OS and the SCSI component. | show 🗑
|
||||
| All Advanced Technology Attachment (ATA) drives from ATA-33 through ATA-133 IDE and EIDE disk drives use the standard ____ ribbon or shielded cable. | show 🗑
|
||||
| show | 100
🗑
|
||||
| IDE ATA controller on an old 486 PC doesn’t recognize disk drives larger than 8.4 ____. | show 🗑
|
||||
| FTK cannot analyze data from image files from other vendors. | show 🗑
|
||||
| A nonsteganographic graphics file has a different size than an identical steganographic graphics file. | show 🗑
|
||||
| ____ increases the time and resources needed to extract,analyze,and present evidence. | show 🗑
|
||||
| You begin any computer forensics case by creating a(n) ____. | show 🗑
|
||||
| show | subpoenas
🗑
|
||||
| There are ____ searching options for keywords which FTK offers. | show 🗑
|
||||
| ____ search can locate items such as text hidden in unallocated space that might not turn up in an indexed search. | show 🗑
|
||||
| The ____ search feature allows you to look for words with extensions such as “ing,”“ed,” and so forth. | show 🗑
|
||||
| show | indexed
🗑
|
||||
| FTK and other computer forensics programs use ____ to tag and document digital evidence. | show 🗑
|
||||
| Getting a hash value with a ____ is much faster and easier than with a(n) ____. | show 🗑
|
||||
| AccessData ____ compares known file hash values to files on your evidence drive or image files to see whether they contain suspicious data. | show 🗑
|
||||
| show | hiding
🗑
|
||||
| show | Norton DiskEdit
🗑
|
||||
| show | FAT
🗑
|
||||
| show | steganography
🗑
|
||||
| ____ is defined as the art and science of hiding messages in such a way that only the intended recipient knows the message is there. | show 🗑
|
||||
| show | key escrow
🗑
|
||||
| show | BestCrypt
🗑
|
||||
| show | Password
🗑
|
||||
| show | Brute-force
🗑
|
||||
| show | Remote acquisitions
🗑
|
||||
| show | HDHOST
🗑
|
||||
| show | true
🗑
|
||||
| Steganography cannot be used with file formats other than image files. | show 🗑
|
||||
| ____ are based on mathematical instructions that define lines, curves, text, ovals, and other geometric shapes. | show 🗑
|
||||
| You use ____ to create, modify, and save bitmap, vector, and metafile graphics files. | show 🗑
|
||||
| ____ images store graphics information as grids of individual pixels. | show 🗑
|
||||
| show | demosaicing
🗑
|
||||
| The majority of digital cameras use the ____ format to store digital pictures | show 🗑
|
||||
| ____ compression compresses data by permanently discarding bits of information in the file. | show 🗑
|
||||
| show | carving
🗑
|
||||
| A(n) ____ file has a hexadecimal header value of FF D8 FF E0 00 10. | show 🗑
|
||||
| show | header data
🗑
|
||||
| The uppercase letter ____ has a hexadecimal value of 41. | show 🗑
|
||||
| The image format XIF is derived from the more common ____ file format. | show 🗑
|
||||
| The simplest way to access a file header is to use a(n) ____ editor | show 🗑
|
||||
| The ____ header starts with hexadecimal 49 49 2A and has an offset of four bytes of 5C01 0000 2065 5874 656E 6465 6420 03. | show 🗑
|
||||
| ____ is the art of hiding information inside image files. | show 🗑
|
||||
| ____ steganography places data from the secret file into the host file without displaying the secret data when you view the host file in its associated program. | show 🗑
|
||||
| ____ steganography replaces bits of the host file with other bits of data. | show 🗑
|
||||
| show | Outguess
🗑
|
||||
| ____ has also been used to protect copyrighted material by inserting digital watermarks into a file. | show 🗑
|
||||
| When working with image files, computer investigators also need to be aware of ____ laws to guard against copyright violations. | show 🗑
|
||||
| Under copyright laws, computer programs may be registered as ____. | show 🗑
|
||||
| show | pictorial, graphic, and sculptural works
🗑
|
||||
| show | metafile
🗑
|
||||
| ____________________ is the process of coding of data from a larger form to a smaller form. | show 🗑
|
||||
| show | internet
🗑
|
||||
| show | TIFF
🗑
|
||||
| show | insertion
🗑
|
||||
| show | Network forensics
🗑
|
||||
| ____ forensics is the systematic tracking of incoming and outgoing traffic on your network. | show 🗑
|
||||
| show | Tcpdump
🗑
|
||||
| ____ is a popular network intrusion detection system that performs packet capture and analysis in real time. | show 🗑
|
||||
| show | dcfldd
🗑
|
||||
| show | Packet sniffers
🗑
|
||||
| show | 3
🗑
|
||||
| show | Tethereal
🗑
|
||||
| The ____ Project was developed to make information widely available in an attempt to thwart Internet and network hackers. | show 🗑
|
||||
| show | zombies
🗑
|
||||
| show | client/server architecture
🗑
|
||||
| show | GUI
🗑
|
||||
| When working on a Windows environment you can press ____ to copy the selected text to the clipboard. | show 🗑
|
||||
| show | Properties
🗑
|
||||
| In Microsoft Outlook, you can save sent, drafted, deleted, and received e-mails in a file with a file extension of ____. | show 🗑
|
||||
| show | www.freeality.com
🗑
|
||||
| show | /etc/sendmail.cf
🗑
|
||||
| show | /var/log
🗑
|
||||
| In Exchange, to prevent loss of data from the last backup, a ____ file or marker is inserted in the transaction log to mark the last point at which the database was written to disk. | show 🗑
|
||||
| The Novell e-mail server software is called ____. | show 🗑
|
||||
| Developed during WWII, this technology,____, was patented by Qualcomm after the war. | show 🗑
|
||||
| show | TDMA
🗑
|
||||
| show | IS-136
🗑
|
||||
| show | EEPROM
🗑
|
||||
| ____ cards are found most commonly in GSM devices and consist of a microprocessor and from 16 KB to 4 MB of EEPROM. | show 🗑
|
||||
| ____ can still be found as separate devices from mobile phones. Most users carry them instead of a laptop to keep track of appointments, deadlines, address books, and so forth. | show 🗑
|
||||
| The file system for a SIM card is a ____ structure. | show 🗑
|
||||
| show | MF
🗑
|
||||
| show | Device Seizure
🗑
|
||||
| In a Windows environment, BitPim stores files in ____ by default. | show 🗑
|
Review the information in the table. When you are ready to quiz yourself you can hide individual columns or the entire table. Then you can click on the empty cells to reveal the answer. Try to recall what will be displayed before clicking the empty cell.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Created by:
ITSec_guy
Popular Computers sets