WGU C724: INFORMATION SYSTEMS MANAGEMENT
COMPREHENSIVE QUESTIONS AND VERIFIED ANSWERS
[ALL PASSED] 2024 UPDATE
Which of the following should be physical location and structural design considerations for
forensics labs?
A. Lightweight construction materials need to be used.
B. Computer systems should be visible from every angle.
C. Room size should be compact with standard HVAC equipment.
D. Sufficient space to place all equipment to include storage
D
Which of the following is not part of the Computer Forensics Investigation Methodology?
A. Testify as an expert witness
B. Testify as an expert defendant
C. Data analysis
D. Data acquisition
B
Investigators can immediately take action after receiving a report of a security incident.
A. False
B. True
A
Under which of the following circumstances has a court of law allowed investigators to
perform searches without a warrant?
A. Expediting the process of obtaining a warrant may lead to the timely prosecution of a
perpetrator.
B. Delay in obtaining a warrant may lead to the preservation of evidence and expedite the
investigation process.
C. Delay in obtaining a warrant may lead to the destruction of evidence and hamper the
investigation process.
D. Expediting the process of obtaining a warrant may lead to a delay in prosecution of a
perpetrator.
C
Identify the following project, which was launched by the National Institute of Standards
and Technology (NIST), that establishes a "methodology for testing computer forensics
software tools by development of general tool specifications, test procedures, test criteria,
test sets, and test hardware."
A. Computer Forensic Hardware Project (CFHP)
B. Computer Forensic Investigation Project (CFIP)
C. Computer Forensic Tool Testing Project (CFTTP)
D. Enterprise Theory of Investigation (ETI)
,C
First responders can collect or recover data from any computer system or device that holds
electronic information.
A. True
B. False
B
What is not one of the measures a system or network administrator should take when
responding to an incident.
A. Transfer copies of system logs onto a clean media.
B. Record what is on the screen if the computer is switched on.
C. Immediately power down the computer if an ongoing attack is detected.
D. Document every detail relevant to the incident.
C
Written consent from the authority is sufficient to commence search and seizure activity.
A. True
B. False
A
When obtaining evidence, what action should a forensic investigator take if a computer is
switched on and the screen is viewable?
A. Remove the battery.
B. Move the mouse slowly.
C. Unplug the cable from the wall.
D. Photograph the screen.
D
Data duplication includes bit-by-bit copying of original data using a software or hardware
tool.
A. False
B. True
B
Which of the following is NOT a digital data storage type?
A. Optical storage devices
B. Quantum storage devices
C. Flash memory devices
D. Magnetic storage devices
B.
Computer Hacking Forensics Investigator Module 3 page 358.
What is NOT a Windows file system?
A. EXT3
B. FAT
,C. NTFS
D. FAT32
A.
Computer Hacking Forensics Investigator Module 3 page 256.
Which field type refers to teh volume descriptor as a primary?
A. Number 3
B. Number 0
C. Number 1
D. Number 2
C.
Computer Hacking Forensics Investigator Module 3 page 316.
Which logical drive holds the information regarding the data and files that are stored in
the disk?
A. Secondary partition
B. Primary partition
C. Tertiary partition
D. Extended partition
D.
Computer Hacking Forensics Investigator Module 3 page 230.
How large is the partition table structure that stores information about the partitions
present on the hard disk?
, How many bytes are used for the disk signatures in the structure of a master boot record
(MBR)?
A. 2
B. 24
C. 8
D. 64
A.
Computer Hacking Forensics Investigator Module 3 page 229.
In the GUID Partition Table, which Logical Block Address contains the Partition Entry
Array?
A. LBA 1
B. LBA 3
C. LBA 2
D. LBA 0
C.
Computer Hacking Forensics Investigator Module 3 page 235.
Which of the following describes when the user restarts the system via the operating
system?
A. Cold booting
B. Hot booting
C. Hard booting
D. Warm booting
D.
Computer Hacking Forensics Investigator Module 3 page 238.
Which Windows operating system powers on and starts up using either the traditional
BIOS-MBR method or the newer UEFI-GPT method?
A. Windows XP
B. Windows 8
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller MEGAMINDS. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $9.99. You're not tied to anything after your purchase.