Network Security Final Exam - 768 Verified Questions


Course Introduction

Network Security explores the principles and practices of protecting information and resources across computer networks. The course covers fundamental concepts such as cryptography, authentication, firewalls, intrusion detection and prevention systems, virtual private networks (VPNs), and secure protocols. Students examine common threats and vulnerabilities, attack methodologies, risk management, and policy development. Through case studies and practical exercises, participants will gain hands-on experience in designing and implementing security solutions to safeguard data integrity, confidentiality, and availability within local and wide-area network environments.

Recommended Textbook

Guide to Computer Forensics and Investigations 4th Edition by Bill Nelson

Available Study Resources on Quizplus

16 Chapters

768 Verified Questions

768 Flashcards

Source URL: https://quizplus.com/study-set/1690


Chapter 1: Computer Forensics and Investigations As a Profession

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/33478

Sample Questions

Q1) Mention examples of groups that should have direct authority to request computer investigations in the corporate environment.

Answer: Examples of groups that should have direct authority to request computer investigations in the corporate environment include the following:

* Corporate Security Investigations

* Corporate Ethics Office

* Corporate Equal Employment Opportunity Office

* Internal Auditing

* The general counsel or Legal Department

Q2) When you work in the ____________________ group, you test and verify the integrity of standalone workstations and network servers.

Answer: vulnerability assessment and risk management

Q3) The law of search and seizure protects the rights of all people, excluding people suspected of crimes.

A)True

B)False

Answer: False

To view all questions and flashcards with answers, click on the resource link above.


Chapter 2: Understanding Computer Investigations

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/33479

Sample Questions

Q1) In any computing investigation, you should be able to repeat the steps you took and produce the same results. This capability is referred to as ____.

A) checked values

B) verification

C) evidence backup

D) repeatable findings

Answer: D

Q2) an older computer forensics tool

A)FTK's Internet Keyword Search

B)Data recovery

C)Free space

D)Interrogation

E)Forensic workstation

F)Norton DiskEdit

G)MS-DOS 6.22

H)Multi-evidence form

I)Self-evaluation

Answer: F

Q3) A(n) ____________________ lists each piece of evidence on a separate page.

Answer: single-evidence form


Chapter 3: The Investigator's Office and Laboratory

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/33480

Sample Questions

Q1) ____ are generated at the federal, state, and local levels to show the types and frequency of crimes committed.

A) HTCN reports

B) IDE reports

C) Uniform crime reports

D) ASCLD reports

Answer: C

Q2) One way to investigate older and unusual computing systems is to keep track of ____ that still use these systems.

A) AICIS lists

B) uniform reports

C) SIGs

D) Minix

Answer: C

Q3) Requirements for taking the EnCE certification exam depend on taking the Guidance Software EnCase training courses.

A)True

B)False

Answer: False


Chapter 4: Data Acquisition

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/33481

Sample Questions

Q1) What are the considerations you should have when deciding what data-acquisition method to use on your investigation?

Q2) SnapBack DatArrest can perform a data copy of an evidence drive in ____ ways.

A) two

B) three

C) four

D) five

Q3) The ____ command displays pages from the online help manual for information on Linux commands and their options.

A) cmd

B) hlp

C) inst

D) man

Q4) The most common and flexible data-acquisition method is ____.

A) Disk-to-disk copy

B) Disk-to-network copy

C) Disk-to-image file copy

D) Sparse data copy

Q5) What are the advantages and disadvantages of using raw data acquisition format?

Q6) What are some of the design goals of AFF?


Chapter 5: Processing Crime and Incident Scenes

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/33482

Sample Questions

Q1) ____ records are data the system maintains, such as system log files and proxy server logs.

A) Computer-generated

B) Business

C) Computer-stored

D) Hearsay

Q2) you should rely on this when dealing with a terrorist attack

A)Innocent information

B)AFIS

C)EnCase Enterprise Edition

D)FOIA

E)IOCE

F)Low-level investigations

G)Hearsay

H)Spector

I)HAZMAT

Q3) A judge can exclude evidence obtained from a poorly worded warrant.

A)True

B)False

Q4) How can you determine who is in charge of an investigation?


Chapter 6: Working with Windows and DOS Systems

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/33483

Sample Questions

Q1) On Windows and DOS computer systems, the ____________________ stores information about partitions on a disk and their locations, size, and other important items.

Q2) ____________________ refers to a disk's structure of platters, tracks, and sectors.

Q3) Briefly explain NTFS compressed files.

Q4) Microsoft's move toward a journaling file system

A)File system

B)Tracks

C)Track density

D)Partition gap

E)Drive slack

F)NTFS

G)Unicode

H)Data streams

I)BitLocker

Q5) What are some of the features offered by current whole disk encryption tools?

Q6) What are BitLocker's current hardware and software requirements?

Q7) What are some of the components of a disk drive?

Q8) Summarize the evolution of FAT versions.


Chapter 7: Current Computer Forensics Tools

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/33484

Sample Questions

Q1) In general, forensics workstations can be divided into ____ categories.

A) 2

B) 3

C) 4

D) 5

Q2) Although a disk editor gives you the most flexibility in ____, it might not be capable of examining a ____ file's contents.

A) testing, compressed

B) scanning, text

C) testing, pdf

D) testing, doc

Q3) Illustrate the use of a write-blocker on a Windows environment.

Q4) Explain the validation of evidence data process.

Q5) Many vendors have developed write-blocking devices that connect to a computer through FireWire, ____ 2.0, and SCSI controllers.

A) USB

B) IDE

C) LCD

D) PCMCIA


Chapter 8: Macintosh and Linux Boot Processes and File Systems

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/33485

Sample Questions

Q1) ____________________ is a journaling version of Ext2fs that reduces file recovery time after a crash.

Q2) LILO uses a configuration file named ____ located in the /Etc directory.

A) Lilo.conf

B) Boot.conf

C) Lilo.config

D) Boot.config

Q3) GPL and BSD variations are examples of open-source software.

A)True

B)False

Q4) Write a brief history of SCSI.

Q5) On older Macintosh OSs all information about the volume is stored in the ____.

A) Master Directory Block (MDB)

B) Volume Control Block (VCB)

C) Extents Overflow File (EOF)

D) Volume Bitmap (VB)

Q6) The Macintosh file system has ____________________ descriptors for the end of file (EOF).

Q7) CD players that are 12X or faster read discs by using a(n) _____________________ system.

Chapter 9: Computer Forensics Analysis and Validation

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/33486

Sample Questions

Q1) How should you approach a case in which an employee is suspected of industrial espionage?

Q2) AccessData ____ compares known file hash values to files on your evidence drive or image files to see whether they contain suspicious data.

A) KFF

B) PKFT

C) NTI

D) NSRL

Q3) A nonsteganographic graphics file has a different size than an identical steganographic graphics file.

A)True

B)False

Q4) To generate reports with the FTK ReportWizard, first you need to ____________________ files during an examination.

Q5) What are the file systems supported by FTK for forensic analysis?

Q6) For most law-enforcement-related computing investigations, the investigator is limited to working with data defined in the search ____________________.

Q7) Briefly describe how to use steganography for creating digital watermarks.


Chapter 10: Recovering Graphics Files

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/33487

Sample Questions

Q1) ____ images store graphics information as grids of individual pixels.

A) Bitmap

B) Raster

C) Vector

D) Metafiles

Q2) If a graphics file is fragmented across areas on a disk, first you must recover all the fragments to re-create the file.

A)True

B)False

Q3) combinations of bitmap and vector images

A)Pixels

B)Hex Workshop

C)Adobe Illustrator

D)Microsoft Office Picture Manager

E)JPEG

F)Steganalysis tools

G)GIMP

H)XIF

I)Metafile graphics

Q4) Explain how steganalysis tools work.


Chapter 11: Virtual Machines, Network Forensics, and Live Acquisitions

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/33488

Sample Questions

Q1) helps manage snort rules so that you can specify what items to ignore as regular traffic and what items should raise alarms

A)Cyberforensics

B)Ethereal

C)Tripwire

D)PsGetSid

E)PsLoggedOn

F)Trojan horse

G)Knoppix

H)PsShutdown

I)oinkmaster

Q2) When are live acquisitions useful?

Q3) The ____ Project was developed to make information widely available in an attempt to thwart Internet and network hackers.

A) Honeynet

B) Honeypot

C) Honeywall

D) Honeyweb

Q4) What are some of the tools included with Knoppix STD?


Chapter 12: E-Mail Investigations

Available Study Resources on Quizplus for this Chapter

48 Verified Questions

48 Flashcards

Source URL: https://quizplus.com/quiz/33489

Sample Questions

Q1) GroupWise has ____ ways of organizing the mailboxes on the server.

A) 2

B) 3

C) 4

D) 5

Q2) The Novell e-mail server software is called ____.

A) Sendmail

B) GroupWise

C) Sawmill

D) Guardian

Q3) Some e-mail systems store messages in flat plaintext files, known as a(n) ____ format.

A) POP3

B) mbox

C) MIME

D) SMTP

Q4) Administrators usually set e-mail servers to ____________________ logging mode.

Q5) In UNIX e-mail servers, the ____________________ file simply specifies where to save different types of e-mail log files.

Q6) What are the steps for viewing e-mail headers in Hotmail?


Chapter 13: Cell Phone and Mobile Device Forensics

Available Study Resources on Quizplus for this Chapter

37 Verified Questions

37 Flashcards

Source URL: https://quizplus.com/quiz/33490

Sample Questions

Q1) The file system for a SIM card is a ____ structure.

A) volatile

B) circular

C) hierarchical

D) linear

Q2) What is the general procedure to access the content on a mobile phone SIM card?

Q3) Identify several uses of SIM cards.

Q4) Many people store more information on their cell phones than they do on their computers.

A)True

B)False

Q5) Investigating cell phones and mobile devices is a relatively easy task in digital forensics.

A)True

B)False

Q6) Portability of information is what makes SIM cards so versatile.

A)True

B)False

Q7) Mobile devices can range from simple phones to small computers, also called


Chapter 14: Report Writing for High-Tech Investigations

Available Study Resources on Quizplus for this Chapter

48 Verified Questions

48 Flashcards

Source URL: https://quizplus.com/quiz/33491

Sample Questions

Q1) Remember that anything you write down as part of your examination for a report is subject to ____ from the opposing attorney.

A) subpoena

B) discovery

C) publishing

D) deposition

Q2) The ______________________________ system is frequently used when writing pleadings.

Q3) What do you need to consider to produce clear, concise reports?

Q4) A(n) ____ is sworn to under oath (and penalty of perjury or comparable false swearing statute).

A) written report

B) verbal report

C) examination plan

D) cross-examination report

Q5) What are the areas of investigation usually addressed by a verbal report?

Q6) Besides presenting facts, reports can communicate expert opinion.

A)True

B)False

Q7) Explain how to use supportive material on a report.


Chapter 15: Expert Testimony in High-Tech Investigations

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/33492

Sample Questions

Q1) What should you do when you find exculpatory evidence?

Q2) a hashing algorithm

A)Plaintiff

B)Motion in limine

C)Voir dire of venireman

D)Opening statements

E)Discovery deposition

F)CV

G)Testimony preservation deposition

H)Voir dire

I)MD5

Q3) Generally, the best approach your attorney can take in direct examination is to ask you ____ questions and let you give your testimony.

A) setup

B) open-ended

C) compound

D) rapid-fire

Q4) At a trial, _____________________ are statements that organize the evidence and state the applicable law.


Chapter 16: Ethics for the Expert Witness

Available Study Resources on Quizplus for this Chapter

35 Verified Questions

35 Flashcards

Source URL: https://quizplus.com/quiz/33493

Sample Questions

Q1) The ____ Ethics Code cautions psychologists about the limitations of assessment tools.

A) ABA's

B) APA's

C) AMA's

D) ADA's

Q2) Briefly describe the issues related to an attorney's "opinion shopping."

Q3) _____________________ are standards that others apply to you or that you are compelled to adhere to by external forces, such as licensing bodies.

Q4) one of the effects of violating court rules or laws

A)Ethics

B)Federal Rules of Evidence (FRE)

C)Disqualification

D)IACIS

Q5) FRE ____ describes whether basis for the testimony is adequate.

A) 700

B) 701

C) 702

D) 703

Q6) The ____________________ is the foundation of medical ethics.
