Pass the GIAC Forensics GCFA Questions and answers with CertsForce

Viewing page 6 out of 10 pages
Viewing questions 51-60 out of questions
Questions # 51:

Which of the following is the Windows feature with which a PC user can perform file management?

Options:

A. Activity Monitor
B. Task Manager
C. Windows Explorer
D. Finder


Questions # 52:

Adam works as a Computer Hacking Forensic Investigator in a law firm. He has been assigned his first project. Adam has collected all the required evidence and clues. He is now required to write an investigative report to present before the court for further prosecution of the case. He needs guidelines for writing an investigative report that expresses an opinion. Which of the following are guidelines for writing an investigative report in an efficient way?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. All ideas present in the investigative report should flow logically from facts to conclusions.
B. There should not be any assumptions made about any facts while writing the investigative report.
C. Opinion of a lay witness should be included in the investigative report.
D. The investigative report should be understandable by any reader.


Questions # 53:

Which of the following representatives of the incident response team takes forensic backups of the systems that are the focus of the incident?

Options:

A. Technical representative
B. Information security representative
C. Legal representative
D. Lead investigator


Questions # 54:

Which of the following tools is used to restore deleted files from Linux and Mac OS X file systems?

Options:

A. Easy-Undelete
B. Active@ UNERASER
C. Active@ UNDELETE
D. R-Undelete


Questions # 55:

Which of the following diagnostic codes sent by POST to the internal port h80 refers to the system board error?

Options:

A. 200 to 299
B. 100 to 199
C. 400 to 499
D. 300 to 399


Questions # 56:

Which of the following hardware devices prevents broadcasts from crossing over subnets?

Options:

A. Bridge
B. Hub
C. Modem
D. Router


Questions # 57:

Adam works as a professional Computer Hacking Forensic Investigator. He has been assigned a project to investigate and examine the drive image of a compromised system that is suspected of having been used in a cyber crime. Adam uses Forensic Sorter to sort the contents of the hard drive into different categories. Which of the following types of image formats is NOT supported by Forensic Sorter?

Options:

A. PFR image file
B. ISO image file
C. RAW image file
D. EnCase image file


Questions # 58:

Which of the following are the benefits of information classification for an organization?

Each correct answer represents a complete solution. Choose two.

Options:

A. It ensures that modifications are not made to data by unauthorized personnel or processes.
B. It helps identify which information is the most sensitive or vital to an organization.
C. It helps reduce the Total Cost of Ownership (TCO).
D. It helps identify which protections apply to which information.


Questions # 59:

Which of the following is used for remote file access by UNIX/Linux systems?

Options:

A. NetWare Core Protocol (NCP)
B. Common Internet File System (CIFS)
C. Server Message Block (SMB)
D. Network File System (NFS)


Questions # 60:

You are responsible for maintaining and troubleshooting PCs at your company. The receptionist reports that her screen has gone blue. When you get there, you notice the 'blue screen of death' with the error message NTFS_FILE_SYSTEM. What is the most likely cause of this error?

Options:

A. The hard disk is corrupt
B. A virus
C. Windows was installed improperly.
D. Get the latest patch for Windows.

