Which operating system creates a swap file to temporarily store information from memory on the hard drive when needed?
On which file does the Windows operating system store hashed passwords?
Which universal principle must be observed when handling digital evidence?
Which type of information does a Windows SAM file contain?
Thomas received an email stating he needed to follow a link and verify his bank account information to ensure it was secure. Shortly after following the instructions, Thomas noticed money was missing from his account.
Which digital evidence should be considered to determine how Thomas' account information was compromised?
A forensic scientist arrives at a crime scene to begin collecting evidence.
What is the first thing the forensic scientist should do?
A forensic scientist is examining a computer for possible evidence of a cybercrime.
Why should the forensic scientist copy files at the bit level instead of the OS level when copying files from the computer to a forensic computer?
A victim of Internet fraud fell for an online offer after using a search engine to find a deal on an expensive software purchase. Once the victim learned about the fraud, he contacted a forensic investigator for help.
Which digital evidence should the investigator collect?
Which law or guideline lists the four states a mobile device can be in when data is extracted from it?
A forensics investigator is investigating a Windows computer which may be collecting data from other computers on the network.
Which Windows command line tool can be used to determine connections between machines?
