- Information
- AI Chat
Chapter 3 MCQ
Digital Forensics (ITC597)
Charles Sturt University
Recommended for you
Related documents
Related Studylists
ForensicsPreview text
Question 1
1 out of 1 points Which option below is not a hashing function used for validation checks? Selected Answer:
a. RC Answers: a. RC b. MD c. SHA- d. CRC
Question 2
1 out of 1 points The Linux command _____ can be used to write bit-stream data to files. Selected Answer:
c. dd
Answers: a. cat b. dump
c. dd d. write
Question 3
0 out of 1 points Which option below is not a Linux Live CD meant for use as a digital forensics tool?
Answer s:
a. CAINE b. Ubuntu c. Penguin Sleuth d. Kali Linux
Question 4
0 out of 1 points
The _______ switch can be used with the split command to adjust the size of segmented volumes created by the dd command.
Answer s:
a. -s
b. -p c. -S d . -b
Question 5
1 out of 1 points The Linux command _______ can be used to list the current disk devices connected to the computer. Selected Answer:
b. fdisk -l Answers: a. show drives
b. fdisk -l c. ls -l
d. geom
Question 6
1 out of 1 points The _______ command was developed by Nicholas Harbour of the Defense Computer Forensics Laboratory. Selected Answer:
a. dcfldd Answers: a. dcfldd
b. dd
c. split d. echo
Question 7
An investigator wants to capture all data on a SATA drive connected to a Linux system. What should the investigator use for the "if=" portion of the dcfldd command?
Answer s:
a. /dev/hda
b. /dev/sda c. /dev/hda
d. /dev/sda
Question 11
0 out of 1 points _______ can be used with the dcfldd command to compare an image file to the original medium.
Answer s:
a. compare
b. imgcheck c. vf
d. cmp
Question 12
1 out of 1 points Which RAID type provides increased speed and data storage capability, but lacks redundancy? Selected Answer:
a. RAID 0
Answers: a. RAID 0 b. RAID 5 c. RAID 1 d. RAID 0+
Question 13
0 out of 1 points
Which RAID type utilizes a parity bit and allows for the failure of one drive without losing data?
Answer s:
a. RAID 1
b. RAID 2 c. RAID 3 d. RAID 5
Question 14
0 out of 1 points _______ creates a virtual volume of a RAID image file, and then makes repairs on the virtual volume, which can then be restored to the original RAID.
Answer s:
a. FixitRaid b. RaidRestore c. R-Tools R-Studio d. Runtime Software
Question 15
0 out of 1 points _______ is the utility used by the ProDiscover program for remote access.
Answer s:
a. PDServer
b. VNCServer c. SubSe7en d. l0pht
Question 16
0 out of 1 points The _______ copies evidence of intrusions to an investigation workstation automatically for further analysis over the network.
b. SATA c. IDE d. FireWire 1394A
Question 20
0 out of 1 points To create a new primary partition within the fdisk interactive utility, which letter should be typed?
Answer s:
a. l b . n c. c
d. p
Chapter 3 MCQ
Course: Digital Forensics (ITC597)
University: Charles Sturt University
- Discover more from:
