1) A chronological record outlining persons in possession of evidence is referred to as: a) Proxy list b) Order of volatility c) Access log d) Chain of custody 2) In forensic procedures, a sequence of steps in which different types of evidence should be collected is known as a) Order of volatility b) Layered security c) Chain of custody d) Transitive access 3) Which of the following answers refers to an example order of volatility for a typical computer system? a) Cache memory -> RAM -> Disk files -> Temporary files -> Swap/Pagefile -> Archival media b) Archival media -> Disk files -> Temporary files -> Swap/Pagefile -> RAM -> Cache memory c) Cache memory -> RAM -> Swap/Pagefile -> Temporary files -> Disk files -> Archival media d) Temporary files -> RAM -> Cache memory -> Swap/Pagefile -> Archival media -> Disk files 4) Which of the following can be used to validate the origin (provenance) of digital evidence? a) Hashing b) Tokenization c) Salting d) Metadata examination 5) The process of searching, collecting, and securing electronic data with the intent of using it in a legal proceeding or investigation is known as: a) OSINT b) E-discovery c) White-hat hacking d) Active reconnaissance 6) Which of the following forensic utilities enables the extraction of RAM contents? a) Memdump b) WinHex c) FTK imager d) Autopsy

CompTIA Security+ Digital Forensics

Bestenliste

Visueller Stil

Einstellungen

Vorlage ändern

Soll die automatisch gespeicherte Aktivität wiederhergestellt werden?