A company has identified that a hacker has modified files on one of the company's computers. The IT department has collected the storage media from the hacked computer.
Which evidence should be obtained from the storage media to identify which files were modified?
The chief information officer of an accounting firm believes sensitive data is being exposed on the local network.
Which tool should the IT staff use to gather digital evidence about this security vulnerability?
A forensic investigator needs to identify where email messages are stored on a Microsoft Exchange server.
Which file extension is used by Exchange email servers to store the mailbox database?
A digital forensic examiner receives a computer used in a hacking case. The examiner is asked to extract information from the computer's Registry.
How should the examiner proceed when obtaining the requested digital evidence?
Which operating system creates a swap file to temporarily store information from memory on the hard drive when needed?
Which file stores local Windows passwords in the Windows\System32\ directory and is subject to being cracked by using a live CD?
Which tool can be used to make a bit-by-bit copy of a Windows Phone 8?
Which U.S. law criminalizes the act of knowingly using a misleading domain name with the intent to deceive a minor into viewing harmful material?
Which description applies to the Advanced Forensic Format (AFF)?
Susan was looking at her credit report and noticed that several new credit cards had been opened lately in her name. Susan has not opened any of the credit card accounts herself.
Which type of cybercrime has been perpetrated against Susan?
