During the seizure of digital evidence, the suspect can be allowed touch the computer system.

A. True

B. False

FAT32 is a 32-bit version of FAT file system using smaller clusters and results in efficient storage capacity. What is the maximum drive size supported?

A. 1 terabytes

B. 2 terabytes

C. 3 terabytes

D. 4 terabytes

At the time of evidence transfer, both sender and receiver need to give the information about date and time of transfer in the chain of custody record.

A. True

B. False

What is the First Step required in preparing a computer for forensics investigation?

A. Do not turn the computer off or on, run any programs, or attempt to access data on a computer

B. Secure any relevant media

C. Suspend automated document destruction and recycling policies that may pertain to any relevant media or users at Issue

D. Identify the type of data you are seeking, the Information you are looking for, and the urgency level of the examination

Subscriber Identity Module (SIM) is a removable component that contains essential information about the subscriber. Its main function entails authenticating the user of the cell phone to the network to gain access to subscribed services. SIM contains a 20-digit long Integrated Circuit Card identification (ICCID) number, identify the issuer identifier Number from the ICCID below.

A. 89

B. 44

C. 245252

D. 001451548

A computer forensics investigator is inspecting the firewall logs for a large financial institution that has employees working 24 hours a day, 7 days a week.

What can the investigator infer from the screenshot seen below?

A. A smurf attack has been attempted

B. A denial of service has been attempted C. Network intrusion has occurred

D. Buffer overflow attempt on the firewall.

Which among the following search warrants allows the first responder to search and seize the victim's computer components such as hardware, software, storage devices, and documentation?

A. John Doe Search Warrant

B. Citizen Informant Search Warrant

C. Electronic Storage Device Search Warrant

D. Service Provider Search Warrant

Who is responsible for the following tasks?

Secure the scene and ensure that is maintained in a secure state until the Forensic Team advises

Make notes about the scene that will eventually be handed over to the Forensic Team

A. Non-forensics staff

B. Lawyers

C. System administrators

D. Local managers or other non-forensic staff

Which of the following Event Correlation Approach is an advanced correlation method that assumes and predicts what an attacker can do next after the attack by studying the statistics and probability and uses only two variables?

A. Bayesian Correlation

B. Vulnerability-Based Approach

C. Rule-Based Approach

D. Route Correlation

Which layer of iOS architecture should a forensics investigator evaluate to analyze services such as Threading, File Access, Preferences, Networking and high-level features?

A. Core Services

B. Media services

C. Cocoa Touch

D. Core OS