WGU Digital-Forensics-in-Cybersecurity - Digital Forensics in Cybersecurity (D431/C840) Course Exam
Total 74 questions
Which characteristic applies to magnetic drives compared to solid-state drives (SSDs)?
How do forensic specialists show that digital evidence was handled in a protected, secure manner during the process of collecting and analyzing the evidence?
The human resources manager of a small accounting firm believes he may have been a victim of a phishing scam. The manager clicked on a link in an email message that asked him to verify the logon credentials for the firm's online bank account.
Which digital evidence should a forensic investigator collect to investigate this incident?
Which law or guideline lists the four states a mobile device can be in when data is extracted from it?
Which method of copying digital evidence ensures proper evidence collection?
How should a forensic scientist obtain the network configuration from a Windows PC before seizing it from a crime scene?
The following line of code is an example of how to make a forensic copy of a suspect drive:
dd if=/dev/mem of=/evidence/image.memory1
Which operating system should be used to run this command?
While collecting digital evidence from a running computer involved in a cybercrime, the forensic investigator makes a list of items that need to be collected.
Which piece of digital evidence should be collected first?
A forensic investigator needs to identify where email messages are stored on a Microsoft Exchange server.
Which file extension is used by Exchange email servers to store the mailbox database?
Which tool should be used with sound files, video files, and image files?
