Digital forensics is all of them except:

A. Extraction of computer data.

B. Preservation of computer data.

C. Interpretation of computer data.

D. Manipulation of computer

data. Ans:D

2. IDIP stands for

A. Integrated Digital Investigation Process.

B. Integrated Data Investigator Process.

C. Integrated Digital Investigator Process.

D. Independent Digital Investigator Process.

Ans: A

3. Who proposed Road Map for Digital Forensic Research (RMDFR)

A. G.Gunsh.

B. S.Ciardhuain

C. J.Korn.

D. G.Palmar

Ans: D

4. Investigator should satisfy following points:

A. Contribute to society and human being.

B. Avoid harm to others.

C. Honest and trustworthy.

D. All of the

above Ans: D

5. In the past, the method for expressing an opinion has been to frame a question

based on available factual evidence.

B. Nested

C. Challenging

D. Contradictory

Ans: A

6. More subtle because you are not aware that you are running these macros
(the document opens

and the application automatically runs); spread via email

A. The purpose of copyright

B. Danger of macro viruses

C. Derivative works

D. computer-specific crime

Ans: B

7. There are three c's in computer forensics. Which is one of the three?

A. Control

B. Chance

C. Chains

D. Core

Ans: A

8. When Federal Bureau Investigation program was

created? A.1979

B.1984

C.1995

D.1989

Ans:B
9. When the field of PC forensics

began? A.1960's

B.1970's

C.1980's

D.1990's

Ans: C

10. What is the most significant legal issue in computer forensics?

A. Preserving Evidence

B. Seizing Evidence

C. Admissibility of Evidence

D. Discovery of

Evidence Ans: C

11. phase includes putting the pieces of a digital puzzle together and

developing investigative hypotheses

A. Preservation phase

B. Survey phase

C. Documentation phase

D. Reconstruction phase

E. Presentation

phase Ans: D

12. In phase investigator transfers the relevant data from a venue out of physical

or administrative control of the investigator to a controlled location

A. Preservation phase

B. Survey phase
C. Documentation phase

D. Reconstruction phase

E. Presentation

phase Ans:B

13. forensics do not involve activity.

A. Preservation of computer data.

B. Exraction of computer data.

C. Manipulation of computer data.

D. Interpretation of computer data.

Ans: C

14. Which of following is not a rule of digital forensics?

A. An examination should be performed on the original data

B. A copy is made onto forensically sterile media. New media should always be

used if available.

C. The copy of the evidence must be an exact, bit-by-bit copy

D. The examination must be conducted in such a way as to prevent any modification of

the evidence.

Ans: A

15. To collect and analyze the digital evidence that was obtained from the
physical investigation

phase, is the goal of which phase?

A. Physical crime investigation

B. Digital crime investigation.

D. Deployment

phase. Ans: B

16. To provide mechanism to an incident to be detected and confirmed is purpose of

which phase?

A. Physical crime investigation

B. Digital crime investigation.

C. Review phase.

D. Deployment

phase. Ans: D

17. Which phase entails a review of the whole investigation and identifies
area of improvement?

A. Physical crime investigation

B. Digital crime investigation.

C. Review phase.

D. Deployment

phase Ans: C

18. is known as father of computer forensic.

A. G. Palmar

B. J. Korn

C. Michael Anderson

D. S.Ciardhuain.

Ans: C

19. is well established science where various contribution have been made

A. Forensic

B. Crime
C. Cyber Crime

D. Evidence

Ans: A

20. Who proposed End to End Digital Investigation Process (EEDIP)?

A. G. Palmar

B. Stephenson

C. Michael Anderson

D. S.Ciardhuain

Ans: B

21. Which model of Investigation proposed by Carrier and Safford?

A. Extended Model of Cybercrime Investigation (EMCI)

B. Integrated Digital Investigation Process(IDIP)

C. Road Map for Digital Forensic Research (RMDFR)

D. Abstract Digital Forensic Model

(ADFM) Ans: B

22. can makes or breaks investigation.

A. Crime

B. Security

C: Digital

Forensic D:

Evidence

Ans: D

23. is software that blocks unauthorized users from connecting to your computer.

A. Firewall

B. Ǫuick lauch

C. OneLogin
D. Centrify

Ans: A

24. Which of following are general Ethical norms for Investigator?

A. To contribute to society and human being.

B. To avoid harm to others.

C. To be honest and trustworthy.

D. All of above

E. None of

above Ans: D

25. Which of following are Unethical norms for Investigator?

A. Uphold any relevant evidence.

B. Declare any confidential matters or knowledge.

C. Distort or falsify education, training, credentials.

D. All of above

E. None of

above Ans: D

26. Which of following is a not unethical norm for Digital Forensics Investigation?

A. Uphold any relevant evidence.

B. Declare any confidential matters or knowledge.

C. Distort or falsify education, training, credentials.

D. To respect the privacy of

others. Ans: D

27. What is called as the process of creation a duplicate of digital media for

purpose of examining it?

A. Acquisition.
B. Steganography.

C. Live analysis

D. Hashing.

Ans: A

28. What are the important parts of the mobile device which used in Digital forensic?

A. SIM

B. RAM

C.ROM.

D.EMMC chip

Ans: D

29. Using what, data hiding in encrypted images be carried out in digital forensics?

A. Acquisition.

B. Steganography.

C. Live analysis

D. Hashing.

And: B

30. Which of this is not a computer crime?

A. e-mail harassment

B. Falsification of data.

C. Sabotage.

D. Identification of data

Ans. D

31. Which file is used to store the user entered password?

A. .exe

B. .txt
C. .iso

D. .sam

Ans: D

32. searches through raw data on a hard drive without using a file system.

A. Data mining

B. Data carving

C. Meta data

D. Data Spoofing.

Ans: B

33. What is first step to Handle Retrieving Data from an Encrypted Hard Drive?

A. Formatting disk

B. Storing data

C. Finding configuration files.

D. Deleting

files. Ans: C