SCIA 470 Chapter 3

Description

Chapters 1-5
Tyler Rock
Flashcards by Tyler Rock, updated more than 1 year ago
Tyler Rock
Created by Tyler Rock about 5 years ago
94
0

Resource summary

Question Answer
An investigator wants to capture all data on a SATA drive connected to a Linux system. What should the investigator use for the "if=" portion of the dcfldd command? A. /dev/hda B. /dev/hda1 C. ​/dev/sda D. ​/dev/sda1 C. ​/dev/sda
​To create a new primary partition within the fdisk interactive utility, which letter should be typed? A. c B. p C. l D. n D. n
​What is the name of the Microsoft solution for whole disk encryption? A. ​DriveCrypt B. ​TrueCrypt C. ​BitLocker D. SecureDrive C. ​BitLocker
​Which RAID type provides increased speed and data storage capability, but lacks redundancy? A. RAID 0 B. ​RAID 1 C. RAID 0+1 D. RAID 5 A. RAID 0
​Which open-source acquisition format is capable of producing compressed or uncompressed image files, and uses the .afd extension for segmented image files? A. Advanced Forensics Disk B. ​Advanced Forensic Format C. ​Advanced Capture Image D. Advanced Open Capture B. ​Advanced Forensic Format
​Which option below is not a hashing function used for validation checks? A. RC4 B. MD5 C. SHA-1 D. CRC32 A. RC4
​Which technology below is not a hot-swappable technology? A. USB-3 B. FireWire 1394A C. SATA D. ​IDE D. ​IDE
The Linux command _____ can be used to write bit-stream data to files.​ A. write B. dd C. cat D. dump B. dd
The Linux command _______ can be used to list the current disk devices connected to the computer. A. ls -l B. fdisk -l C. show drives D. geom B. fdisk -l
The _______ command was developed by Nicholas Harbour of the Defense Computer Forensics Laboratory. A. dd B. split C. dcfldd D. echo C. dcfldd
The _______ copies evidence of intrusions to an investigation workstation automatically for further analysis over the network. A. intrusion detection system B. active defense mechanism C. total awareness system D. ​intrusion monitoring system A. intrusion detection system
The _______ switch can be used with the split command to adjust the size of segmented volumes created by the dd command. A. -p B. -s C. -b D. -s C. -b
When using a target drive that is FAT32 formatted, what is the maximum size limitation for split files?​ A. 512 MB B. 2 GB C. 1 TB D. 1 PB B. 2 GB
Which RAID type utilizes a parity bit and ​allows for the failure of one drive without losing data? A. RAID 1 B. RAID 2 C. RAID 3 D. RAID 5 D. RAID 5
Which RAID type utilizes mirrored striping, providing fast access and redundancy?​ A. RAID 1 B. RAID 3 C. RAID 5 D. RAID 10 D. RAID 10
Which option below is not a Linux Live CD meant for use as a digital forensics tool?​ A. Penguin Sleuth B. Kali Linux C. Ubuntu D. CAINE C. Ubuntu
Within the fdisk interactive menu, what character should be entered to view existing partitions?​ A. l B. p C. o D. d C. o
_______ can be used with the dcfldd command to compare an image file to the original medium. A. compare B. ​cmp C. ​vf D. imgcheck C. ​vf
_______ creates a virtual volume of a RAID image file, and then makes repairs on the virtual volume, which can then be restored to the original RAID. A. Runtime Software​ B. RaidRestore C. R-Tools R-Studio D. FixitRaid C. R-Tools R-Studio
_______ is the utility used by the ProDiscover program for remote access. A. SubSe7en B. ​l0pht C. PDServer D. VNCServer C. PDServer
Show full summary Hide full summary

Similar

Disaster- Test 1 Disaster Medicine- PMU- 3rd Year
Med Student
SCIA 360 Chapter 3
Tyler Rock
SCIA 360 Chapter 4
Tyler Rock
SCIA 360 Chapter 1
Tyler Rock
SCIA 360 Chapter 2
Tyler Rock
SCIA 360 Chapter 5
Tyler Rock
Health Assessment Exam 1
Harry Westbrooks
Testing Site
CDismang
SCIA 370 Chapter 1
Tyler Rock
I Phone
ucmasaecs
Art of the Baroque
Jennifer Born