CYBER FORENSIC MCQs
1 |
Q. Which of the following is not a type of cybercrime?
A. Data theft B. Forgery C. Damage to data and systems D. Installing antivirus for protection |
2 |
Q. Which of the following are data compression techniques?
A. LZW B. Huffman coding C. RLE D. All of the above |
3 |
______ is the process of making an archival or backup copy of the entire contents of a hard drive.
A. Investigation B. Disk imaging C. Formatting D. S/w Installation |
4 |
A valid definition of digital evidence is:
a. Data stored or transmitted using a computer b. Information of probative value c. Digital data of probative value d. Any digital evidence on a computer |
5 |
Q. Computer forensics involves all of the following stated activities except:
a) extraction of computer data. b) preservation of computer data. c) interpretation of computer data. d) manipulation of computer data. |
6 |
Q. In this phase, the pertinent information is identified and extracted from the collected data using proper forensic tools.
a) Collection b) Examination c) Analysis d) Reporting |
7 |
Q. What things are not recovered while investigating the computer fraud:
a) Financial and asset record b) Accounting software and files c) Photos and diaries of the victim d) Credit card data |
8 |
Q. This attack uses a killer packet to flood a system.
a) DNS DoS attack b) The Ping of death attack c) SYN/LAND attack d) Teardrop attacks |
9 |
Q. ____ types of evidence are collected in cyber forensics.
a) 5 b) 2 c) 3 d) 4 |
10 |
Q. ODD stands for _____________ in cyber forensics.
a) Operation Data Directory b) Open Data Duplicator c) Open Data Device d) Optional Device Driver |
11 |
Q. Wireshark is a ____________ tool.
a) network protocol analysis b) network connection security c) connection analysis d) defending malicious packet-filtering |
12 |
Q. Which of the following deals with network intrusion detection and real-time traffic analysis?
a) John the Ripper b) L0phtCrack c) Snort d) Nessus |
13 |
Q. In general, how many key elements constitute the entire security structure?
a) 1 b) 2 c) 3 d) 4 |
14 |
Q. According to the CIA Triad, which of the below-mentioned elements is not considered in the triad?
a) Confidentiality b) Integrity c) Authenticity d) Availability |
15 |
Q. CIA triad is also known as ________
a) NIC (Non-repudiation, Integrity, Confidentiality) b) AIC (Availability, Integrity, Confidentiality) c) AIN (Availability, Integrity, Non-repudiation) d) AIC (Authenticity, Integrity, Confidentiality) |
16 |
Q. When integrity is lacking in a security system, _________ occurs.
a) Database hacking b) Data deletion c) Data tampering d) Data leakage |
17 |
Q. Data ___________ is used to ensure confidentiality.
a) Encryption b) Locking c) Deleting d) Backup |
18 |
Q. One common way to maintain data availability is __________
a) Data clustering b) Data backup c) Data recovery d) Data Altering |
19 |
Q. _______ is the practice and precautions taken to protect valuable information from unauthorised access, recording, disclosure or destruction.
a) Network Security b) Database Security c) Information Security d) Physical Security |
20 |
Q. From the options below, which of them is not a vulnerability to information security?
a) Flood b) disposal of storage media without deleting data c) unchanged default password d) latest patches and updates not done |
21 |
Q. _____ platforms are used for safety and protection of information in the cloud.
a) Cloud workload protection platform b) Cloud security protocols c) AWS d) One Drive |
22 |
Q. Which of the following information security technologies is used for avoiding browser-based hacking?
a) Anti-malware in browsers b) Remote browser access c) Adware remover in browsers d) Incognito mode in a browser |
23 |
Q. The full form of EDR is _______
a) Endpoint Detection and recovery b) Early detection and response c) Endpoint Detection and response d) Endless Detection and Recovery |
24 |
Q. Which of the following is not done in the gaining access phase?
a) Tunnelling b) Buffer overflow c) Session hijacking d) Password cracking |
25 |
Q. Which of the below-mentioned penetration testing tools is popularly used in the gaining access phase?
a) Maltego b) NMAP c) Metasploit d) Nessus |
26 |
Q. A _________ can gain access illegally to a system if the system is not properly tested in scanning and gaining access phase.
a) security officer b) malicious hacker c) security auditor d) network analyst |
27 |
Q. Which of the following is not a type of cyber crime?
a) Data theft b) Forgery c) Damage to data and systems d) Installing antivirus for protection |
28 |
Q. Which of the following is not a type of peer-to-peer cyber-crime?
a) Phishing b) Injecting Trojans to a target victim c) MiTM d) Credit card details leak in deep web |
29 |
Q. Cyber-laws are incorporated for punishing all criminals only.
a) TRUE b) False c) both a&b d) none of this |
30 |
Q. Cyber-crime can be categorized into ________ types.
a) 4 b) 2 c) 3 d) 6 |
31 |
Q. ……… is a technique for anonymous communication where messages are encapsulated in layers.
a) AAAA b) SMTP c) Web Shell d) Onion Routing |
32 |
Q. ………… means how long a piece of information lasts on a system.
a) Order of volatility b) DDOS c) Honeypot d) honeystick |
33 |
Q. ………………. is a file generated record of past events consisting of a timestamp.
a) Log files b) Memory files c) reports d) Meta data |
34 |
Q. …………. is a suite of tools created by Sysinternals.
a) Browserhistory b) Encase c) FTK d) pstools |
35 |
Q. ……… is a computer or network set up to tempt an attacker to do the activity.
a) Order of volatility b) DDOS c) Honeypot d) honeystick |
36 |
Computer forensics involves ________
a) obtaining and analyzing digital information b) analysis of network traffic c) protect evidences d) all of the above |
37 |
AFF stands for ___________
a) Advanced Forensics Format b) Analysis Forensics Format c) Access Forensics Format d) Acquire Forensics Format |
38 |
In case of ------------, the evidence is collected from a system where the microprocessor is running.
a) live acquisition b) static acquisition c) sparse acquisition d) none of the above |
39 |
…………… is a global system for translating IP addresses to human-readable domain names.
a) TLD b) Web Shell c) Whois d) DNS |
40 |
You begin any computer forensics case by creating a(n) ____.
a) investigation plan b) risk assessment report c) evidence custody form d) investigation report |
41 |
………… are found most commonly in GSM devices and consist of a microprocessor and 16 KB to 4 MB EEPROM.
a) Sim cards b) SDD cards c) MMC cards d) SD cards |
42 |
What things are not recovered while investigating the computer fraud:
a) Financial and asset record b) Accounting software and files c) Photos and diaries of the victim d) Credit card data |
43 |
What is the full form of FIR?
a) False information record b) First Information Record c) First information report d) Future information report |
44 |
One common way to maintain data availability is __________
a) Data clustering b) Data backup c) Data recovery d) Data Altering |
45 |
_______ is the practice and precautions taken to protect valuable information from unauthorized access, recording, disclosure or destruction.
a) Network Security b) Database Security c) Information Security d) Physical Security |
46 |
………………. is a file generated record of past events consisting of a timestamp.
a) Log Files b) Memory files c) reports d) Meta data |
47 |
An attempt to harm, damage or cause threat to a system or network is broadly termed as ______
a) System hijacking b) Cyber-crime c) Cyber Attack d) Digital crime |
48 |
Computer forensics involves ________
a) obtaining and analyzing digital information b) analysis of network traffic c) protect evidence d) Physical Investigation |
49 |
You begin any computer forensics case by creating a(n) ____.
a) investigation plan b) risk assessment report c) evidence custody form d) investigation report |
50 |
Computer forensics involves all of the following stated activities except:
a) extraction of computer data. b) interpretation of computer data. c) preservation of computer data. d) manipulation of computer data. |
51 |
Examples of digital forensic tools include _____.
a) EnCase b) Memory c) RAM d) OS |
52 |
Which of the following is a proper search technique?
A. Manual Browsing B. Keyword Search C. Regular Expression Search D. All of the above |
53 |
A forensic drive before using it?
A. Chain of Custody B. No need to wipe C. Different file and operating systems D. Cross-contamination |