Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

NWIT 263 Midterm Exam: Digital Forensics Concepts and Techniques, Exams of Forensics

Montgomery CollegeForensics

A series of questions and answers related to digital forensics concepts and techniques, covering topics such as evidence handling, data acquisition, file systems, and forensic tools. It provides insights into the challenges and best practices in digital forensics investigations.

Typology: Exams

2024/2025

Available from 02/12/2025

lyudmila-hanae
lyudmila-hanae šŸ‡ŗšŸ‡ø

1

(2)

7.8K documents

1 / 3

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
NWIT 263 Midterm Exam With Complete Solutions
why must digital forensics labs be physically secure? - ANSWER - so that evidence is
not destroyed
- so that evidence is not corrupted
- so that the evidence is not lost
both public and private sector investigations require search warrants - ANSWER false
how do Microsoft OSs allocate disk space for files? - ANSWER by clusters
what is the biggest challenge when trying to acquire an image from a MAC? - ANSWER
physically accessing the drive
which of the following technologies is used to validate digital evidence? - ANSWER
hashing
where would one find lists of known files hashes for a variety of operating systems,
applications and images? - ANSWER the National Software Reference Library (NSRL)
which is the default file system for today's Linux distributions? - ANSWER ext4
which types of graphics files do digital forensics investigate most? - ANSWER - images
downloaded from the web
- images circulated via email
every Windows file system supports alternate data streams - ANSWER false
pf3

Partial preview of the text

Download NWIT 263 Midterm Exam: Digital Forensics Concepts and Techniques and more Exams Forensics in PDF only on Docsity!

NWIT 263 Midterm Exam With Complete Solutions

why must digital forensics labs be physically secure? - ANSWER - so that evidence is not destroyed

  • so that evidence is not corrupted
  • so that the evidence is not lost

both public and private sector investigations require search warrants - ANSWER false

how do Microsoft OSs allocate disk space for files? - ANSWER by clusters

what is the biggest challenge when trying to acquire an image from a MAC? - ANSWER physically accessing the drive

which of the following technologies is used to validate digital evidence? - ANSWER hashing

where would one find lists of known files hashes for a variety of operating systems, applications and images? - ANSWER the National Software Reference Library (NSRL)

which is the default file system for today's Linux distributions? - ANSWER ext

which types of graphics files do digital forensics investigate most? - ANSWER - images downloaded from the web

  • images circulated via email

every Windows file system supports alternate data streams - ANSWER false

which technology comes with every solid-state storage device and presents a challenge when performing forensic acquisitions due to how it manages the device? - ANSWER wear-leveling

which of the following concepts allows an investigator to enter into evidence something that was not specified in a search warrant but was in direct sight? - ANSWER plain view doctrine

what is the term used when one confirms that a forensic tool is working as intended? - ANSWER validation

what is the first thing a digital forensics examiner would do to identify an unknown file format? - ANSWER search for it on Google

which of the following should a digital forensics investigator NEVER analyze when looking for evidence? - ANSWER the original evidence

which type of forensics must an investigator perform when s/he must capture active TCP sessions? - ANSWER live forensics

what is the term used for any unrelated information that is acquired during acquisition? - ANSWER innocent information

what are the two major categories of digital forensics tools? - ANSWER - software

  • hardware

evidence used in a criminal case cannot be used in a civil suit - ANSWER false

digital forensics investigators perform most of their work in the location the evidence was seized - ANSWER false