PDF 412-79 Study Guide

Page: 2 / 8

Question 8

Bob has been trying to penetrate a remote production system for the past tow weeks. This time however, he is able to get into the system. He was able to use the System for a period of three weeks. However law enforcement agencies were recoding his every activity and this was later presented as evidence. The organization had used a Virtual Environment to trap BoB. What is a Virtual Environment?

Options:

A Honeypot that traps hackers

A system Using Trojaned commands

An environment set up after the user logs in

An environment set up before an user logs in

Question 9

When cataloging digital evidence, the primary goal is to:

Options:

Make bit-stream images of all hard drives

Preserve evidence integrity

Not remove the evidence from the scene

Not allow the computer to be turned off

Question 10

With Regard to using an Antivirus scanner during a computer forensics investigation, You should:

Options:

Scan the suspect hard drive before beginning an investigation

Never run a scan on your forensics workstation because it could change your systems configuration

Scan your forensics workstation at intervals of no more than once every five minutes during an investigation

Scan your Forensics workstation before beginning an investigation

Question 11

You are assisting in the investigation of a possible Web Server Hack. The company who called you stated that customers reported to them that whenever they entered the web address of the company in their browser, what they received was a porno graphic web site. The company checked the web server and nothing appears wrong. When you type in the IP address of the web site in your browser everything appears normal. What is the name of the attack that affects the DNS cache of the name resolution servers, resulting in those servers directing users to the wrong web site?