WGU D431 OBJECTIVE ASSESSMENT EXAM ACTUAL EXAM
AND PRACTICE EXAM COMPLETE 400 QUESTIONS AND
VERIFIED DETAILED SOLUTIONS
WGU D431 OBJECTIVE ASSESSMENT EXAM 1
The chief information officer of an accounting firm believes sensitive data is being exposed on
the local network. Which tool should the IT staff use to gather digital evidence about this
security vulnerability?
A Sniffer
B Disk analyzer
C Tracer
D Virus scanner
A Sniffer
A police detective investigating a threat traces the source to a house. The couple at the house
shows the detective the only computer the family owns, which is in their son's bedroom. The
couple states that their son is presently in class at a local middle school.
How should the detective legally gain access to the computer?
A Obtain a search warrant from the police
B Seize the computer under the USA Patriot Act
C Obtain consent to search from the parents
D Seize the computer under the Computer Security Act
C Obtain consent to search from the parents
How should a forensic scientist obtain the network configuration from a Windows PC before
seizing it from a crime scene?
1
,Page 2 of 144
A By using the ipconfig command from a command prompt on the computer
B By using the tracert command from a command prompt on the computer
C By logging into the router to which the PC is connected
D By installing a network packet sniffer on the computer
A By using the ipconfig command from a command prompt on the computer
The human resources manager of a small accounting firm believes he may have been a victim
of a phishing scam. The manager clicked on a link in an email message that asked him to
verify the logon credentials for the firm's online bank account.
Which digital evidence should a forensic investigator collect to investigate this incident?
A System log
B Security log
C Disk cache
D Browser cache
D Browser cache
After a company's single-purpose, dedicated messaging server is hacked by a cybercriminal, a
forensics expert is hired to investigate the crime and collect evidence.
Which digital evidence should be collected?
A Web server logs
B Firewall logs
C Phishing emails
D Spam messages
B Firewall logs
2
,Page 3 of 144
Thomas received an email stating that he needed to follow a link and verify his bank account
information to ensure it was secure. Shortly after following the instructions, Thomas noticed
money was missing from his account.
Which digital evidence should be considered to determine how Thomas' account information
was compromised?
A Social media accounts
B Router logs
C Flash drive contents
D Email messages
D Email messages
The chief executive officer (CEO) of a small computer company has identified a potential
hacking attack from an outside competitor.
Which type of evidence should a forensics investigator use to identify the source of the hack?
A Disk drive backups
B Network transaction logs
C Browser history
D Email headers
B
A forensic scientist arrives at a crime scene to begin collecting evidence.
What is the first thing the forensic scientist should do?
A Turn off the power to the entire area being examined
B Unplug all network connections so data cannot be deleted remotely
3
, Page 4 of 144
C Gather up all physical evidence and move it out as quickly as possible
D Photograph all evidence in its original place
D Photograph all evidence in its original place
Which method of copying digital evidence ensures proper evidence collection?
A Make the copy using file transfer
B Copy files using drag and drop
C Make the copy at the bit-level
D Copy the logical partitions
C Make the copy at the bit-level
A computer involved in a crime is infected with malware. The computer is on and connected
to the company's network. The forensic investigator arrives at the scene.
Which action should be the investigator's first step?
A Remove the malware and secure the computer.
B Unplug the computer's power cord.
C Unplug the computer's Ethernet cable.
D Label all the attachments and secure the computer.
C Unplug the computer's Ethernet cable.
What are the three basic tasks that a systems forensic specialist must keep in mind when
handling evidence during a cybercrime investigation?
Answer options may be used more than once or not at all. Select your answers from the pull-
down list.
1 Preserve evidence
4
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller eddietaylor. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $22.99. You're not tied to anything after your purchase.