
Windows Forensics
Authored by dono pradana
Computers
University
10 questions
1.
MULTIPLE CHOICE QUESTION
45 sec • 1 pt
What does the netstat command with the -ano options display?
Network information
Open files on the system
Process information
Dump File
2.
MULTIPLE CHOICE QUESTION
45 sec • 1 pt
Which tool can be used to examine the contents of an ESE database file?
ESEDatabaseView
DumpChk
DriveLetterView
Process Dumper
3.
MULTIPLE CHOICE QUESTION
45 sec • 1 pt
What is the purpose of examining Windows crash dumps in a forensic investigation?
To diagnose and identify bugs in a program
To collect information about network connections
To extract data from the Windows registry
To determine the system uptime
4.
MULTIPLE CHOICE QUESTION
45 sec • 1 pt
Which command can be used to dump the memory of a process?
PsLoggedOn
netstat
adplus.vbs
Userdump.exe
5.
MULTIPLE CHOICE QUESTION
45 sec • 1 pt
What is the purpose of collecting slack space in a forensic investigation?
To determine the system uptime
To identify the logged-on users
To locate open files on the system
To retrieve data from previously deleted files
6.
MULTIPLE CHOICE QUESTION
45 sec • 1 pt
Which tool can be used to examine the contents of a Windows search index?
ESEDatabaseView
DumpChk
DriveLetterView
Process Dumper
7.
MULTIPLE CHOICE QUESTION
45 sec • 1 pt
Which tool can be used to analyze RAM dumps?
Belkasoft RAM Capturer
AccessData FTK Imager
Redline
Hex Workshop