Home Computer Science Computer Forensic Ch. 3
Please enter something

Computer Forensic Ch. 3

avatar
Sep 7th, 2023
4.7 (114 reviews)
26 test answers
question
RAID 0
answer
Which RAID type provides increased speed and data storage capability, but lacks redundancy
question
p
answer
Within the fdisk interactive menu, what character should be entered to view existing partitons
question
R-Tools R-Studio
answer
creates a virtual volume of a RAID image file, and then makes repairs on the virtual volume, which can then be restored to the original RAID
question
RAID 5
answer
Which RAID type utilizes a parity bit and allows for the failure of one drive without losing data
question
BitLocker
answer
What is the name of the Microsoft solution for whole disk encryption
question
IDE
answer
is not a hot-swappable technology
question
intrusion detection system
answer
The _______ copies evidence of intrusions to an investigation workstation automatically for further analysis over the network.
question
n
answer
To create a new primary partition within the fdisk interactive utility, which letter should be typed
question
2 GB
answer
When using a target drive that is FAT32 formatted, what is the maximum size limitation for split files
question
Advanced Forensic Format
answer
Which open-source acquisition format is capable of producing compressed or uncompressed image files, and uses the .afd extension for segmented image files
question
vf
answer
can be used with the dcfldd command to compare an image file to the original medium.
question
RAID 10
answer
Which RAID type utilizes mirrored striping, providing fast access and redundancy
question
fdisk -l
answer
The Linux command _______ can be used to list the current disk devices connected to the computer
question
RC4
answer
Which option below is not a hashing function used for validation checks
question
dcfldd
answer
The _______ command was developed by Nicholas Harbour of the Defense Computer Forensics Laboratory.
question
dd
answer
The Linux command _____ can be used to write bit-stream data to files.
question
-b
answer
The _______ switch can be used with the split command to adjust the size of segmented volumes created by the dd command.
question
/dev/sda
answer
An investigator wants to capture all data on a SATA drive connected to a Linux system. What should the investigator use for the if= portion of the dcfldd command
question
PDServer
answer
is the utility used by the ProDiscover program for remote access
question
Ubuntu
answer
Which option below is not a Linux Live CD meant for use as a digital forensics tool
question
Spare acquisition
answer
collects fragments of unallocated data (RAID)
question
RAID 1
answer
Designed for data recovery
question
RAID 2
answer
Data is written to disk on a bit level
question
RAID 3
answer
Uses data stripping and dedicated parity
question
RAID 4
answer
Data is written in blocks
question
RAID 6
answer
Redundant parity on each disk
1 of 26
question
RAID 0
answer
Which RAID type provides increased speed and data storage capability, but lacks redundancy
question
p
answer
Within the fdisk interactive menu, what character should be entered to view existing partitons
question
R-Tools R-Studio
answer
creates a virtual volume of a RAID image file, and then makes repairs on the virtual volume, which can then be restored to the original RAID
question
RAID 5
answer
Which RAID type utilizes a parity bit and allows for the failure of one drive without losing data
question
BitLocker
answer
What is the name of the Microsoft solution for whole disk encryption
question
IDE
answer
is not a hot-swappable technology
question
intrusion detection system
answer
The _______ copies evidence of intrusions to an investigation workstation automatically for further analysis over the network.
question
n
answer
To create a new primary partition within the fdisk interactive utility, which letter should be typed
question
2 GB
answer
When using a target drive that is FAT32 formatted, what is the maximum size limitation for split files
question
Advanced Forensic Format
answer
Which open-source acquisition format is capable of producing compressed or uncompressed image files, and uses the .afd extension for segmented image files
question
vf
answer
can be used with the dcfldd command to compare an image file to the original medium.
question
RAID 10
answer
Which RAID type utilizes mirrored striping, providing fast access and redundancy
question
fdisk -l
answer
The Linux command _______ can be used to list the current disk devices connected to the computer
question
RC4
answer
Which option below is not a hashing function used for validation checks
question
dcfldd
answer
The _______ command was developed by Nicholas Harbour of the Defense Computer Forensics Laboratory.
question
dd
answer
The Linux command _____ can be used to write bit-stream data to files.
question
-b
answer
The _______ switch can be used with the split command to adjust the size of segmented volumes created by the dd command.
question
/dev/sda
answer
An investigator wants to capture all data on a SATA drive connected to a Linux system. What should the investigator use for the if= portion of the dcfldd command
question
PDServer
answer
is the utility used by the ProDiscover program for remote access
question
Ubuntu
answer
Which option below is not a Linux Live CD meant for use as a digital forensics tool
question
Spare acquisition
answer
collects fragments of unallocated data (RAID)
question
RAID 1
answer
Designed for data recovery
question
RAID 2
answer
Data is written to disk on a bit level
question
RAID 3
answer
Uses data stripping and dedicated parity
question
RAID 4
answer
Data is written in blocks
question
RAID 6
answer
Redundant parity on each disk