Digital Forensics MCQ

Question 1 : Choose the role of Computers in a crime:

  1. Evidence, Target, object, and instrumentality, subject contraband, or fruit of crime
  2. Object, evidence, and tool
  3. Symbol, instrumentality, and source of evidence

Question 2 : What is the use of dcfldd ?

  1. Defense computer forensics lab disk duplicator
  2. disk destroyer
  3. disk dynamics
  4. disk doodler

Question 3 : Which of the following is not an example of a computer as weapon cyber-crime?

  1. Credit card fraudulent
  2. Spying someone using
  3. IPR Violation
  4. Pornography

Question 4 : Which of the following is NOT an artifact that will be irrevocably lost if the computer is shut down?

  1. Running processes
  2. Open network ports
  3. Data stored in memory
  4. System date and time

Question 5 : What is used to validate the tools and verify the evidence integrity?

  1. hashing algorithms
  2. steganography
  3. watermarks
  4. digital certificates

Question 6 : Which one of the following is used for encrypted data transfer?

  1. netstat
  2. cryptcat
  3. md5sum
  4. netcat

Question 7 : Choose the command that shows all Registry data in real time on a Windows computer.

  1. PsReg
  2. RegMon
  3. RegExplorer
  4. RegHandle

Question 8 : Choose the term which describes Digital forensics.

  1. Science of collecting and analyzing evidence
  2. process of Chasing the criminal
  3. Process of punishing the culprit
  4. preservation filtering and organization of evidence

Question 9 : A part of overall legal system that deals with cyberspace and there respective legal issues.

  1. Cyber law
  2. Industrial law
  3. Business law
  4. Commercial Law

Question 10 : Which of the following is not done by cyber criminals?

  1. Unauthorized account
  2. Mass attack using
  3. Email spoofing and
  4. Report vulnerability in

Question 11 : Which one of the following stores the boot sector and additional details about the volume?

  1. The first sector of the volume
  2. At offset 0x300 from the beginning of the drive
  3. The last sector of the volume
  4. CMOS

Question 12 : Which of the following is involved in forensic examination?

  1. Assessment, experimentation, fusion, correlation, and validation
  2. Seizure and preservation
  3. Recovery, harvesting, filtering, organization, and search
  4. experimentation, preservation filtering and organization

Question 13 : What is the name of the IT law that India is having in the Indian legislature

  1. India’s Technology (IT)
  2. India’s Digital
  3. India’s Information
  4. The Technology Act,

Question 14 : Which of following is not a rule of digital forensics?

  1. An examination should be performed on the original data
  2. A copy is made onto forensically sterile media. New media should always be used if available.
  3. The copy of the evidence must be an exact, bit-bybit copy
  4. The examination must be conducted in such a way as to prevent any modification of the evidence.

Question 15 : Which of the following is repeated harassing and threatening behavior by one individual against another, aspects of which may be planned or carried out in secret?

  1. Dark figure of crime
  2. Stalking
  3. Light figure of crime
  4. Crime typology

Question 16 : Which tool is used for analysis of forensic image?

  1. FTK Imager
  2. Flawfinder
  3. Nessus
  4. Openstego

Question 17 : Which of the following describes malicious computer programs such as viruses, worms, and Trojan horses?

  1. Software piracy
  2. Malware
  3. Larceny
  4. Arson

Question 18 : Choose the process model whose goal is to completely describe the flow of information in a digital investigation.

  1. The Physical Model
  2. The Staircase Model
  3. The Evidence Flow Model
  4. The Subphase Model

Question 19 : Evidence collected from network device logs are known as.

  1. Flow analysis
  2. Active Acquisition
  3. Modes of detection
  4. Packet analysis

Question 20 : What is the most significant legal issue in computer forensics?

  1. Admissibility of Evidence
  2. Seizing Evidence
  3. Discovery of Evidence
  4. Preserving Evidence

Question 21 : Although it was not designed with evidence collection in mind, which software can still be useful for examining network traffic.

  1. EnCase
  2. FTK
  3. Wireshark

Question 22 : Which one of the following is nothing but volatile data ?

  1. Live data
  2. Hard disk data
  3. File data
  4. Folder data

Question 23 : Which of following is a NOT unethical norm for Digital Forensics Investigation?

  1. Declare any confidential matters or knowledge
  2. To respect the privacy of others
  3. Uphold any relevant evidence
  4. Distort or falsify education, training, credentials.

Question 24 : Which one of the following is used to create an hash of file?

  1. MD5
  2. DD
  3. DoD
  4. Wireshark

Question 25 : Which challenge is faced for controlling access to a digital crime scene ?

  1. Information may be stored on Internet servers in different locations.
  2. The computer may be shared.
  3. The computer case may be locked.
  4. The computer not working
  • chevron_left
  • 1
  • chevron_right