This action might not be possible to undo. Are you sure you want to continue?
Question The following tool(s) are considered forensic analysis tools: Your Answer LinuxDD 1 EnCase FTK DC3DD LinuxDD 2 The following tool(s) can be used to create a hash value for digital media: DC3DD MD5SUM EnCase ipconfig 3 In Linux, this command is used to view/ modify the internet connection attributes? snort ifconfig devdump MAC OS 3 4 System restore is a component of which of the following? Windows XP Fedora Windows 7 $FILE_NAME 5 Which of the following attributes does the $MFT file not contain? $BITMAP $METADATA $DATA lsat 6 In Linux, this command is used to show the status of the print queue or queus? lpstat statp prntq 7 The following tool(s) can be used to create a bit for bit image: EnCase COFEE
it’s an unused attribute of the MFT file 11 What does the $bitmap do? Store information about allocated clusters Store information about allocated sectors Volatility 12 Which tool would assist in recovering volatile memory data? iLook DataCarver Gnome3 In the Master File Table (MFT) of NTFS. the size of each MFT entry is 14 defined by the boot sector and Microsoft uses a size of 15 Which statements are true about RAID volumes? TRUE FALSE 1024 2048 512 4096 All RAID levels provide for data .FTK Autopsy Identify specific file types 8 A hash set is typically used to (more than one may apply): Eliminate known good files Identify specific files of interest Identify files that are common to different file systems or groups of files Where do browsers store email messages by 9 default? Internet Cache System Cache WebStore Cache fd0 Which of the following could represent a USB 10 external storage device attached to a Linux system? hda sdb sdb1 Store information about metadata Nothing. one 13 attribute is used to store the file's name and the file's content. In NTFS.
redundancy and fault tolerance Only one disk from a RAID volume is normally required to recover the data RAID 0 offers no redundancy or fault tolerance A minimum of three disks are required for a RAID 5 volume They easily get angry .