C702 - Forensics and Network Intrusion Final Exam Questions Fully Solved.
Course: WGU C702
Institution: WGU C702
What is a benefit of forensic readiness?
Establishes procedures for fast and efficient investigations
Reduces the need for interface with law enforcement
Eliminates the need to follow regulatory requirements
Ensures maximum regulatory fines for data disclosure - Answer Establishes
procedures for fast and efficient investigations
What should be considered when creating a forensic readiness plan?
Source of the evidence
Pertinence of the evidence
Problems that the evidence might cause in court
Determination of which evidence to include in the report - Answer Source of the
evidence
What allows for a lawful search to be conducted without a warrant or probable cause?
Imminent destruction of evidence
Initial search of the scene
Consent of person with authority
Obtained witness signatures - Answer Consent of person with authority
A forensic investigator is tasked with retrieving evidence where the primary server has
been erased. The investigator needs to rely on network logs and backup tapes to base
their conclusions on while testifying in court. Which information found in rules of
evidence, Rule 1001, helps determine if this testimony is acceptable to the court?
Definition of original evidence
Requirements of original evidence
Admissibility of duplicate evidence
Admissibility of other evidence - Answer Definition of original evidence
When can a forensic investigator collect evidence without formal consent?
When properly worded banners are displayed on the computer screen
When the suspect is a minor and lives with parents or guardians
When devices are owned by a company and provisioned to its employees
When multiple people use the same equipment for daily work - Answer When properly
worded banners are displayed on the computer screen
Who determines whether a forensic investigation should take place if a situation is
undocumented in the standard operating procedures?
Decision maker
Attorney
Incident responder
Examiner - Answer Decision maker
What should a forensic lab do to maintain quality assurance during a digital forensic
investigation?
Conduct validity testing on the tools
Download the latest version of the tools
Use only open-source tools
Use only proprietary tools - Answer Conduct validity testing on the tools
What is a common task of a computer forensic investigator?
Performing upgrades on networking infrastructure
Recovering deleted files, hidden files, and temporary data that could be used as
evidence
Evaluating corporate policy to determine if it is aligned with the enterprise strategic plan
Penetrating systems to expose system-level vulnerabilities - Answer Recovering
deleted files, hidden files, and temporary data that could be used as evidence
Which web application weakness allows sensitive data to be unintentionally revealed to
an unauthorized user?
Broken access control
Information leakage
Buffer overflow
Improper error handling - Answer Information leakage
Which situation leads to a civil investigation?
Disputes between two parties that relate to a contract violation
Violations of laws that are considered to be harmful to society
Misconduct based on incorrectly following policies and procedures
Disagreement between business partners on communication protocols - Answer
Disputes between two parties that relate to a contract violation
Which rule does a forensic investigator need to follow?
Use only original evidence during analysis
Use well-known standard procedures
Discuss the case with the media
Include opinions with notes during analysis - Answer Use well-known standard
procedures
What is the focus of Locard's exchange principle?
Any action taken should avoid changing data held on a digital device.
Anyone entering a crime scene takes something with them and leaves something
behind.
A record of all actions should be made so an independent investigator can verify results.
The investigator has the responsibility to follow the rules of evidence. - Answer
Anyone entering a crime scene takes something with them and leaves something
behind.
What is the focus of the enterprise theory of investigation (ETI)?
Criminals commit a crime solely for their own benefit.
Every crime should be investigated as an individual incident.
Forensics can be used to identify the threat actor in a crime.
Solving one crime can tie it back to a criminal organization's activities. - Answer
Solving one crime can tie it back to a criminal organization's activities.
What do some states require before beginning a forensic investigation?
License
References
Indemnity insurance
Background check - Answer License
Which law protects customers' sensitive data by requiring financial institutions to inform
their customers of their information-sharing practices?
Federal Information Security Modernization Act (FISMA)
Which type of information can a forensic investigator find in a common metadata field
for a file?
Network name
User password
MAC address