[go: up one dir, main page]
Scribd
Upload
24 views4 pages

Compulsory Internal Assignment (Advanced Cyber Forensics 1)

ass

Uploaded by

Ramaiah Selvam
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
24 views4 pages

Compulsory Internal Assignment (Advanced Cyber Forensics 1)

ass

Uploaded by

Ramaiah Selvam
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

4/16/24, 1:50 PM Compulsory Internal Assignment (CBCS SEMESTER PATTERN)

Compulsory Internal Assignment (CBCS SEMESTER


PATTERN) Upto C23 Batch

Welcome : SANGEETH P T (A22105PCI6110)


Subject Name : ADVANCED CYBER FORENSICS(SPCI202) - Assessment - 1 Menu

1. Name the suspended state file representing the state of paused or suspended VM?

VMSD
VSWP
VMDK
VMSS

2. Which analysis is applied after the incident has occurred, and it usually takes place in all
cases?

Postmortem
Live
Forensic
Scientific

3. The chat database file in an iOS is available at path

/Users/Mac/Library/Messages/chat.db
/Users/Mac/Documents/Messages/chat.db
/Users/Mac/Files/Messages/chat.db
/Users/Mac/Database/Messages/chat.db

4. Which command-line application shows a list of files on a system that are open remotely?

Net File
PsFile
Openfiles
None of them

5. The unique feature of a Volatility Framework is

It is a cohesive framework
It has a comprehensive coverage of file formats
It is focused on forensics, incident response, and malware
All of them

www.ideunom.ac.in/mcq/questionpaper_pg.php?eGprSTdzUmk0R3hKMDkyYWJrZTMzVm54eGdQYWhZckdieG9kT01GYjBkdTBHSjFZTnc4MW… 1/4
4/16/24, 1:50 PM Compulsory Internal Assignment (CBCS SEMESTER PATTERN)

6. Which hive contains the hardware profile the system uses at startup?

HKEY_CURRENT_CONFIG
HKEY_CURRENT_USER
HKEY_USERS
HKEY_LOCAL_MACHINE

7. A primary configuration file which stores the VM setting and configuration chosen at the time of
creation of new virtual machine wizard is

VMX
VMXF
VMSD
VMDK

8. Name the default directory for office-type document files: text, spreadsheets, and presentations

Home
Desktop
Documents
Public

9. A set of duplicate data that is stored in a temporary location so that a computer system can
rapidly access that data is called

Volatile data
BIOS data
Cache
Duplicate data

10. What is a contiguous space of storage on a physical or logical disk that functions as though it
were a physically separate disk called

Schema
Table
Memory
Partition

11. The method(s) that is/are recommended for handling evidence are

Acquiring the evidence


Authenticating the recovered evidence
Analysing the data
All of them

12. A connection-oriented protocol that goes through a three-way handshake to establish a


session before data can be sent is called

FTP
HTTP
TCP
UDP

www.ideunom.ac.in/mcq/questionpaper_pg.php?eGprSTdzUmk0R3hKMDkyYWJrZTMzVm54eGdQYWhZckdieG9kT01GYjBkdTBHSjFZTnc4MW… 2/4
4/16/24, 1:50 PM Compulsory Internal Assignment (CBCS SEMESTER PATTERN)

13. The first four bytes of the file which has the value 0xfeedface for files compiled for 32-bit Intel
systems is

CPU value
File value
Size Value
Magic Value

14. What type of information does an investigator need to know about processes?

Amount of time that the process has been running


Which modules the process has loaded
The command line used to launch the process, if any
All of them

15. Which program is used for logging in to and executing commands on a remote machine that
provides a secure encrypted communications between two untrusted hosts over an insecure
network?

TELNET
HTTPS
SSH
DNS

16. What consists of a series of messages in time-sequence that describe activities going on
within a system?

Timeline
File
Router
Log

17. The log that records events of domain controller replication is

DNS Server log


File replication service log
Directory service log
Application log

18. The major challenge(s) faced by law enforcement and government agencies in the
investigation of a cloud environment is

Multi-tenancy
Location of servers
Both A and B
Neither A nor B

19. The files that will not be displayed by default in most graphical applications and command line
utilities in Linux systems are known as

Special Files
Unseen Files

www.ideunom.ac.in/mcq/questionpaper_pg.php?eGprSTdzUmk0R3hKMDkyYWJrZTMzVm54eGdQYWhZckdieG9kT01GYjBkdTBHSjFZTnc4MW… 3/4
4/16/24, 1:50 PM Compulsory Internal Assignment (CBCS SEMESTER PATTERN)

Secret Files
Dot Files

20. The most commonly used timestamp within Windows data structures that is an 8-byte
timestamp that represents the number of 100-nanosecond intervals is

UnixTimeStamp
DosDate
WinTimeDate
WinTimeStamp

SAVE

www.ideunom.ac.in/mcq/questionpaper_pg.php?eGprSTdzUmk0R3hKMDkyYWJrZTMzVm54eGdQYWhZckdieG9kT01GYjBkdTBHSjFZTnc4MW… 4/4

You might also like