Bob, a forensic investigator, is investigating a live Windows system found at a crime scene. In this process, Bob extracted subkeys containing information such as SAM. Security, and software using an automated tool called FTK Imager.
Which of the following Windows Registry hives' subkeys provide the above information to Bob?
While investigating a web attack on a Windows-based server, Jessy executed the following command on her system:
C:\> net view <10.10.10.11>
What was Jessy’s objective in running the above command?
Which of the following standards and criteria version of SWCDE mandates that any action with the potential to alter, damage, or destroy any aspect of original evidence must be performed by qualified persons in a forensically sound manner?
Morris, an attacker, targeted an application server to manipulate its services. He succeeded by employing input validation attacks such as XSS that exploited vulnerabilities present in the programming logic of an application. Identify the web application layer in which Morris has manipulated the programming logic.
Roxanne is a professional hacker hired by an agency to disrupt the business services of their rival company. Roxanne employed a special type of malware that consumes a server's memory and network bandwidth when triggered. Consequently, the target server is overloaded and stops responding.
Identify the type of malware Roxanne has used in the above scenario.
Which of the following practices makes web applications vulnerable to SQL injection attacks?
Bob, a security professional, was recruited by an organization to ensure that application services are being delivered as expected without any delay. To achieve this. Bob decided to maintain different backup servers for the same resources so that if one backup system fails, another will serve the purpose.
Identify the IA principle employed by Bob in the above scenario.
Kane, an investigation specialist, was appointed to investigate an incident in an organization’s network. In this process, Kane executed a command and identified that a network interface is running in the promiscuous mode and is allowing all incoming packets without any restriction.
In the above scenario, which of the following commands did Kane use to check whether the network interface is set to the promiscuous mode?
Kalley, a network administrator of an organization, has installed a traffic monitoring system to capture and report suspicious traffic signatures. In this process, she detects traffic containing password cracking, sniffing, and brute-forcing attempts.
Which of the following categories of suspicious traffic signature were identified by Kalley through the installed monitoring system?
Martin, a hacker, aimed to crash a target system. For this purpose, he spoofed the source IP address with the target's IP address and sent many ICMP ECHO request packets to an IP broadcast network, causing all the hosts to respond to the received ICMP ECHO requests and ultimately crashing the target machine.
Identify the type of attack performed by Martin in the above scenario.
Which of the following environmental controls options saves the hardware from humidity and heat, increases hardware performance, and maintains consistent room temperature?
Mark, a network administrator in an organization, was assigned the task of preventing data from falling into the wrong hands. In this process, Mark implemented authentication techniques and performed full memory encryption for the data stored on RAM.
In which of the following states has Steve encrypted the data in the above scenario?
Kalley, a shopping freak, often visits different e commerce websites from her office system. One day, she received a free software on her mail with the claim that it is loaded with new clothing offers. Tempted by this, Kalley downloaded the malicious software onto her system. The software infected Kalley's system and began spreading the infection to other systems connected to the network.
Identify the threat source through which Kalley unintentionally invited the malware into the network?
Paola, a professional hacker, configured her wireless router in an organization's premises and advertised it with a spoofed SSID. She lured victims to connect to the router by sending the fake SSID. She started sniffing all the traffic from the victims that is passing through his wireless router.
Which of the following types of attacks is Paola performing in the above scenario?
Stephen, an attacker, decided to gain access to an organization’s server. He identified a user with access to the remote server. He used sniffing programs to gain the user's credentials and captured the authentication tokens transmitted by the user. Then, he transmitted the captured tokens back tothe server to gain unauthorized access.
Identify the technique used by Stephen to gain unauthorized access to the target server.
A system that a cybercriminal was suspected to have used for performing an anti-social activity through the Tor browser. James reviewed the active network connections established using specific ports via Tor.
Which of the following port numbers does Tor use for establishing a connection via Tor nodes?
Cheryl, a forensic expert, was recruited to investigate a malicious activity performed by an anonymous hackers’ group on an organization’s systems. Using an automated tool, Cheryl was able to extract the malware file and analyze the assembly code instructions, which helped him understand the malware’s purpose.
Which of the following tools helped Cheryl extract and analyze the assembly code of the malware?
James, a forensic specialist, was appointed to investigate an incident in an organization. As part of the investigation, James is attempting to identify whether any external storage devices are connected to the internal systems. For this purpose, he employed a utility to capture the list of all devices connected to the local machine and removed suspicious devices.
Identify the tool employed by James in the above scenario.
Williams, a forensic specialist, was tasked with performing a static malware analysis on a suspect system in an organization. For this purpose, Williams used an automated tool to perform a string search and saved all the identified strings in a text file. After analyzing the strings, he determined all the harmful actions that were performed by malware.
Identify the tool employed by Williams in the above scenario.
Below is the syntax of a command-line utility that displays active TCP connections and ports on which the computer is listening.
netstat [ a] [e] [-nJ [-o] [ p Protocol] [-r] [-s] [interval]
Identify the netstat parameter that displays active TCP connections and includes the process ID (PID) for each connection.
Below are the various steps involved in an email crime investigation.
1.Acquiring the email data
2.Analyzing email headers
3.Examining email messages
4.Recovering deleted email messages
5.Seizing the computer and email accounts
6.Retrieving email headers
What is the correct sequence of steps involved in the investigation of an email crime?
Which of the following cloud computing threats arises from authentication vulnerabilities, user-provisioning and de-provisioning vulnerabilities, hypervisor vulnerabilities, unclear roles and responsibilities, and misconfigurations?
Stephen, a security specialist, was instructed to identify emerging threats on the organization's network. In this process, he employed a computer system on the Internet intended to attract and trap those who attempt unauthorized host system utilization to penetrate the organization's network.
Identify the type of security solution employed by Stephen in the above scenario.
Mary was surfing the Internet, and she wanted to hide her details and the content she was surfing over the web. She employed a proxy tool that makes his online activity untraceable.
Identify the type of proxy employed by John in the above scenario.
Sam is working as a loan agent for a financial institution. He frequently receives a number of emails from clients providing their personal details for loan approval. As these emails contain sensitive data. Sam had set up a feature that directly downloads the emails on his device without storing a copy on the mail server.
Which of the following protocols provides the above-discussed email features?