Axiom Exam Study Guide with Complete SolutionsAxiom Exam Study Guide with Complete SolutionsAxiom Exam Study Guide with Complete Solutions
When setting up a new case in Magnet AXIOM process, can you specify separate locations for the case files and the evidence files? - ANSWER - Yes
Which types...
Axiom Exam Study Guide with
Complete Solutions
When setting up a new case in Magnet AXIOM process, can you specify separate
locations for the case files and the evidence files? - ANSWER - Yes
Which types of devices can be imaged using Magnet AXIOM Process? - ANSWER -
Hard Drives, Thumb Drives, iOS Phones, Android phones
Is it possible to only scan Volume Shadow Copies from a drive? - ANSWER - Yes
Which option should be used when loading in data from an iOS or Android device? -
ANSWER - Mobile
Can Magnet AXIOM Process filter files via hash values? - ANSWER - Yes
What are the two main programs of the AXIOM forensics suite? - ANSWER - Examine
& Process
AXIOM will run natively on a Mac computer. - ANSWER - False
AXIOM Process and AXIOM Examine both can be run through a virtual machine. -
ANSWER - True
What are the three distinct steps of the forensic process? - ANSWER - Acquisition or
Extraction
Processing
Analysis
,You are working a case and want to know if AXIOM supports extracting artifacts from
the app Yik Yak. What documentation can you view to determine if Yik Yak is
supported? - ANSWER - Artifact reference
From a Windows PreFetch file, it is possible to determine when a program was run. -
ANSWER - True
While of the following locations would NOT contain information related to external
devices connected to a computer?
USBSTOR in the Windows registry
SAM in the Windows registry
NTUSER.DAT file in the Windows registry
setupapi.dev.log - ANSWER - SAM
What three licensing options are available for the user to license Magnet Forensics
AXIOM? - ANSWER - License Key, Network Server, Axiom USB
AXIOM Process allows the user to set up the data for Acquisition (imaging) and
Processing in the same single step. - ANSWER - True
When setting up an item of evidence for processing, what two options are available?
- ANSWER - Load Evidence
Acquire Evidence
During setup for processing, the user can specify the Search Type to be conducted
on an item of digital evidence. - ANSWER - True
Which type of file on a Windows computer keeps track of folder views, sizes, and
positions when viewed through Windows Explorer? - ANSWER - Shellbag
When examining Operating System artifacts, there are frequently duplicate
artifacts. Why is this? - ANSWER - This is due to the fact that the registry
automatically backs itself up and saves a copy to \Windows\System32\Config\
RegBak.
, What is the Windows Registry? - ANSWER - A hierarchical database that stores
configuration information.
You can specify that keyword searches be run against either Artifacts or All Content.
- ANSWER - True
You suspect that a user has an encrypted mobile backup on their computer. You
have a list of ten possible passwords. How should you configure the options for
processing the computer to ensure that you get the information from the backups? -
ANSWER - Check "Search Mobile Backups" and then enter each password that you
have in the Mobile Backup Passwords box.
When using Magnet.AI to categorize chats, the AI analysis is based on individual
messages and not on the entire chat conversation. - ANSWER - False
The app Club Penguin is found on a suspect's phone. Through research, you
determine that AXIOM does not support the app and that the app stores information
in a SQLite database. What option can you select during processing to seek out the
Club Penguin database? - ANSWER - Dynamic App Finder
It is possible to add evidence to a case that has already been processed. - ANSWER
- True
If the option "Automatically Build Connections" is checked, connections will
automatically be built during the first processing of the case but will NOT be built if
any additional evidence is added to the case. - ANSWER - False
When in File System view, it is possible to view all sub-folders of the main folder
that you are clicked on? - ANSWER - Yes
From the Case Dashboard, you chose the option "Categorize pictures with
Magnet.AI." Which of the following options are available for categorization? -
ANSWER - All pictures
Which two hash formats does AXIOM use? - ANSWER - MD5 SHA1
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper NursingTutor1. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €12,31. Je zit daarna nergens aan vast.
