An investigator has found certain details after analysis of a mobile device. What can reveal the manufacturer information?
Chong-lee, a forensics executive, suspects that a malware is continuously making copies of files and folders on a victim system to consume the available disk space. What type of test would confirm his claim?
Gary is checking for the devices connected to USB ports of a suspect system during an investigation. Select the appropriate tool that will help him document all the connected devices.
What does Locard's Exchange Principle state?
What is the framework used for application development for iOS-based mobile devices?
Which of the following is NOT an anti-forensics technique?
Robert, a cloud architect, received a huge bill from the cloud service provider, which usually doesn't happen. After analyzing the bill, he found that the cloud resource consumption was very high. He then examined the cloud server and discovered that a malicious code was running on the server, which was generating huge but harmless traffic from the server. This means that the server has been compromised by an attacker with the sole intention to hurt the cloud customer financially. Which attack is described in the above scenario?
Which of the following statements is true regarding SMTP Server?
Which of the following tools is used to dump the memory of a running process, either immediately or when an error condition occurs?
Which of the following forensic tools allows an investigator to detect and extract hidden streams on an NTFS drive?
For the purpose of preserving the evidentiary chain of custody, which of the following labels is not appropriate?
In Java, when multiple applications are launched, multiple Dalvik Virtual Machine instances occur that consume memory and time. To avoid that, Android implements a process that enables low memory consumption and quick start-up time. What is the process called?
Data density of a disk drive is calculated by using _______
Simona has written a regular expression for the detection of a web application-specific attack attempt that reads as /((\%3C)|
Which set of anti-forensic tools/techniques allows a program to compress and/or encrypt an executable file to hide attack tools from being detected by reverse-engineering or scanning?