When obtaining a warrant, it is important to:

particularlydescribe the place to be searched and particularly describe the items to be seized

generallydescribe the place to be searched and particularly describe the items to be seized

generallydescribe the place to be searched and generally describe the items to be seized

particularlydescribe the place to be searched and generally describe the items to be seized

What is one method of bypassing a system BIOS password?

Login to Windows and disable the BIOS password

Analyze the hex representation of mysql-bin.000013 file in the screenshot below. Which of the following will be an inference from this analysis?

A WordPress user has been created with the username bad_guy

A user with username bad_guy has logged into the WordPress web application

A WordPress user has been created with the username anonymous_hacker

An attacker with name anonymous_hacker has replaced a user bad_guy in the WordPress database

You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port 389 using ldp.exe. What are you trying to accomplish here?

Enumerate domain user accounts and built-in groups

Poison the DNS records with false records

Enumerate MX and A records from DNS

Establish a remote connection to the Domain Controller

Which type of attack is possible when attackers know some credible information about the victim's password, such as the password length, algorithms involved, or the strings and characters used in its creation?

Hybrid Password Guessing Attack

What does the part of the log, “% SEC-6-IPACCESSLOGP”, extracted from a Cisco router represent? options buffers were available

A packet matching the log criteria for the given access list has been detected (TCP or UDP)

The system was not able to process the packet because there was not enough room for all of the desired IP header

Immediate action required messages

Some packet-matching logs were missed because the access list log messages were rate limited, or no access list log

An investigator has found certain details after analysis of a mobile device. What can reveal the manufacturer information?

Equipment Identity Register (EIR)

International mobile subscriber identity (IMSI)

Integrated circuit card identifier (ICCID)

Watson, a forensic investigator, is examining a copy of an ISO file stored in CDFS format. What type of evidence is this?

Data from a CD copied using Windows

Data from a CD copied using Mac-based system

Data from a DVD copied using Windows system

Data from a CD copied using Linux system

companyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York you craft a specially formatted email message and send it across the Internet to an employee of CompanyXYZ. The employee of CompanyXYZ is aware.

Reviewing the firewalls configuration

Data items and vulnerability scanning

Interviewing employees and network engineers

If a PDA is seized in an investigation while the device is turned on, what would be the proper procedure?

Turn off the device immediately

Remove any memory cards immediately

Which of the following is a responsibility of the first responder?

Collect as much information about the incident as possible

Determine the severity of the incident

Share the collected information to determine the root cause

To reach a bank web site, the traffic from workstations must pass through a firewall. You have been asked to review the firewall configuration to ensure that workstations in network 10.10.10.0/24 can only reach the bank web site 10.20.20.1 using https. Which of the following firewall rules meets this requirement?

if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 443) then permit

if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 80 or 443) then permit

if (source matches 10.10.10.0 and destination matches 10.20.20.1 and port matches 443) then permit

Donald made an OS disk snapshot of a compromised Azure VM under a resource group being used by the affected company as a part of forensic analysis process. He then created a vhd file out of the snapshot and stored it in a file share and as a page blob as backup in a storage account under different region. What Is the next thing he should do as a security measure?

Delete the OS disk of the affected VM altogether

Recommend changing the access policies followed by the company

Delete the snapshot from the source resource group

Create another VM by using the snapshot

William is examining a log entry that reads 192.168.0.1 - - [18/Jan/2020:12:42:29 +0000) "GET / HTTP/1.1" 200 1861. Which of the following logs does the log entry belong to?

The combined log format of Apache access log

The common log format of Apache access log

What will the following Linux command accomplish? dd if=/dev/mem of=/home/sam/mem.bin bs=1024

Copy the running memory to a file

Copy the master boot record to a file

Copy the contents of the system folder to a file

Copy the memory dump file to an image file

CHFI new part 2

Authored by Hoàng Trần

Computers

Professional Development

Used 1+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

120 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What technique is used by JPEGs for compression?

ZIP

TCD

DCT

TIFF-8

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

When using an iPod and the host computer is running Windows, what file system will be used?

iPod+

HFS

FAT16

FAT32

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Smith is an IT technician that has been appointed to his company's network vulnerability assessment team. He is the only IT employee on the team. The other team members include employees from Accounting, Management, Shipping, and Marketing. Smith and the team members are having their first meeting to discuss how they will proceed. What is the first step they should do to create the network vulnerability assessment plan?

Their first step is to make a hypothesis of what their final findings will be.

Their first step is to create an initial Executive report to show the management team.

Their first step is to analyze the data they have currently gathered from the company or interviews.

Their first step is the acquisition of required documents, reviewing of security policies and compliance.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You have used a newly released forensic investigation tool, which doesn't meet the Daubert Test, during a case. The case has ended-up in court. What argument could the defense make to weaken your case?

The tool hasn't been tested by the International Standards Organization (ISO)

Only the local law enforcement should use the tool

The total has not been reviewed and accepted by your peers

You are not certified for using the tool

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You are assisting a Department of Defense contract company to become compliant with the stringent security policies set by the DoD. One such strict rule is that firewalls must only allow incoming connections that were first initiated by internal computers. What type of firewall must you implement to abide by this policy?

Packet filtering firewall

Circuit-level proxy firewall

Application-level proxy firewall

Stateful firewall

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You work as an IT security auditor hired by a law firm in Boston to test whether you can gain access to sensitive information about the company clients. You have rummaged through their trash and found very little information. You do not want to set off any alarms on their network, so you plan on performing passive foot printing against their Web servers. What tool should you use?

Ping sweep

Nmap

Netcraft

Dig

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

While looking through the IIS log file of a web server, you find the following entries: What is evident from this log file?

Web bugs

Cross site scripting

Hidden fields

SQL injection is possible

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

125 questions

Generative AI Quiz

Quiz

•

Professional Development

119 questions

MOC20345

Quiz

•

Professional Development

125 questions

Gestión Tecnologica 2

Quiz

•

Professional Development

Popular Resources on Wayground

7 questions

History of Valentine's Day

Interactive video

•

4th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

15 questions

Valentine's Day Trivia

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for Computers

44 questions

Would you rather...

Quiz

•

Professional Development

20 questions

Black History Month Trivia Game #1

Quiz

•

Professional Development

12 questions

Mardi Gras Trivia

Quiz

•

Professional Development

14 questions

Valentine's Day Trivia!

Quiz

•

Professional Development

7 questions

Copy of G5_U5_L14_22-23

Lesson

•

KG - Professional Dev...

16 questions

Parallel, Perpendicular, and Intersecting Lines

Quiz

•

KG - Professional Dev...

11 questions

NFL Football logos

Quiz

•

KG - Professional Dev...

12 questions

Valentines Day Trivia

Quiz

•

Professional Development

CHFI new part 2

What technique is used by JPEGs for compression?

When using an iPod and the host computer is running Windows, what file system will be used?

You have used a newly released forensic investigation tool, which doesn't meet the Daubert Test, during a case. The case has ended-up in court. What argument could the defense make to weaken your case?

While looking through the IIS log file of a web server, you find the following entries: What is evident from this log file?

Which of the following technique creates a replica of an evidence media?

An investigator has extracted the device descriptor for a 1GB thumb drive that looks like: Disk&Ven_Best_Buy&Prod_Geek_Squad_U3&Rev_6.15. What does the “Geek_Squad” part represent?

When obtaining a warrant, it is important to:

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers