- All Exams Instant Download
When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?
When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?A . Passive IDS B. Active IDS C. Progressive IDS D. NIPSView AnswerAnswer: B
What type of DoS attack is James testing against his network?
James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the broadcast address of his network. What type of DoS attack is James testing against his network?A . Smurf B. Trinoo C. Fraggle D. SYN floodView AnswerAnswer: A
Why should you note all cable connections for a computer you want to seize as evidence?
Why should you note all cable connections for a computer you want to seize as evidence?A . to know what outside connections existed B. in case other devices were connected C. to know what peripheral devices exist D. to know what hardware existedView AnswerAnswer: A
What assistance can the ISP provide?
In conducting a computer abuse investigation you become aware that the suspect of the investigation is using ABC Company as his Internet Service Provider (ISP). You contact ISP and request that they provide you assistance with your investigation. What assistance can the ISP provide?A . The ISP can investigate anyone...
What does mactime, an essential part of the coroner's toolkit do?
What does mactime, an essential part of the coroner's toolkit do?A . It traverses the file system and produces a listing of all files based on the modification, access and change timestamps B. It can recover deleted file space and search it for data. However, it does not allow the...
What can you do to prove that the evidence is the same as it was when it first entered the lab?
You are assigned to work in the computer forensics lab of a state police agency. While working on a high profile criminal case, you have followed every applicable procedure, however your boss is still concerned that the defense attorney might question whether evidence has been changed while at the lab....
What type of copy do you need to make to ensure that the evidence found is complete and admissible in future proceeding?
You are working as an independent computer forensics investigator and received a call from a systems administrator for a local school system requesting your assistance. One of the students at the local high school is suspected of downloading inappropriate images from the Internet to a PC in the Computer lab....
While working for a prosecutor, what do you think you should do if the evidence you found appears to be exculpatory and is not being released to the defense?
While working for a prosecutor, what do you think you should do if the evidence you found appears to be exculpatory and is not being released to the defense?A . Keep the information of file for later review B. Destroy the evidence C. Bring the information to the attention of...
What can an investigator examine to verify that a file has the correct extension?
One technique for hiding information is to change the file extension from the correct one to one that might not be noticed by an investigator. For example, changing a .jpg extension to a .doc extension so that a picture file appears to be a document. What can an investigator examine...
If an attacker's computer sends an IPID of 31400 to a zombie computer on an open port in IDLE scanning, what will be the response?
If an attacker's computer sends an IPID of 31400 to a zombie computer on an open port in IDLE scanning, what will be the response?A . The zombie will not send a response B. 31402 C. 31399 D. 31401View AnswerAnswer: D
